Secure operation requirements
67
Building Technologies
048_DMS_NK8237_ICC_MP4.40_A6V10316241_a_en.doc
Fire Safety & Security Products
06.2011
10
Secure operation requirements
The security of systems requires appropriate planning and proper organizational
procedures. Please review the following basic checklist of the issues to consider:
Physical
Security
Access to the room and/or areas where the communication units and control
stations are installed should be reserved to authorized personnel, and/or ade-
quate protection should be put in place on the computers to prevent potential at-
tacks or sabotage.
On computer stations equipped with license-related devices (e.g. USB keys),
particular attention should be given to the protection of these devices.
Power supply should include UPS to guarantee stable power. Cabinets with
sensitive information (e.g. documents, passwords, backup tapes, and memory
support) should be properly protected and possibly locked.
Security on the IP Network communication should be evaluated and appropriate
protections implemented with the possible application of encrypted communica-
tion protocols, including the NK8000 secure download option.
System
configuration
Depending on the IT security strategy, adequate firewall as well as virus, spy-
ware, and malware protection should be installed on the system computers.
Critical Operating System updates should also be installed whenever they are
available and required for security and/or system stability (refer to Microsoft
Windows Updates web services).
DMS8000 software and tools have shown good compatibility with most
popular antivirus and security suite applications
.
In the installation and configuration, the specific security features should be ap-
plied as required.
Operational
procedures
An appropriate security policy should be applied to the password management
and expiration using the related tools.
Operators should be instructed to logout (or at least lock their screen, if that is
permitted) when they are away from their desk. No written passwords or related
hints should ever be left on the desks.
Configuration
backups
Configuration backups should be performed after every project modification,
and the related media stored in a safe place and possibly offsite. The backup
list includes:
Based on the above listed data and information, a data recovery scheme should
be put in place.
Passwords
Keep a (security protected) copy of the master passwords for Windows and
other administration password(s).
Data privacy and protection
Compliance with local regulations must be addressed. This can concern paper
listings as well as tapes and memory support.
For further information on general security issues regarding Siemens products,
please refer to the internal documentation and procedures on this subject.