Secure operation requirements
8
60
Building Technologies
A6V10403182_a_en
Fire Safety & Security Products
30.09.2014
8
Secure operation requirements
The security of systems requires appropriate planning and proper organizational
procedures. Please review the following basic checklist of the issues to consider:
Physical Security
Access to the room and/or areas where the communication units and control
stations are installed should be reserved to authorized personnel, and/or
adequate protection should be put in place on the computers to prevent
potential attacks or sabotage. On computer stations equipped with license-
related devices (e.g. USB keys), particular attention should be given to the
protection of these devices. Power supply should include UPS to guarantee
stable power. Cabinets with sensitive information (e.g. documents, passwords,
backup tapes, and memory support) should be properly protected and possibly
locked. Security on the IP Network communication should be evaluated and
appropriate protections implemented with the possible application of encrypted
communication protocols, including the NK8000 secure download option.
System configuration
Depending on the IT security strategy, adequate virus as well as spyware, and
malware protection should be installed on the system computers. Critical
Operating System updates should also be installed whenever they are
available and required for security and/or system stability (refer to Microsoft
Windows Updates web services).
DMS8000 software and tools have shown
good compatibility with most popular antivirus and security suite applications. In
the installation and configuration, the specific security features should be
applied as required.
Operational procedures
An appropriate security policy should be applied to the password management
and expiration using the related tools. Operators should be instructed to logout
(or at least lock their screen, if that is permitted) when they are away from their
desk. No written passwords or related hints should ever be left on the desks.
Configuration backups
Configuration backups should be performed after every project modification,
and the related media stored in a safe place and possibly offsite. The backup
list includes:
Based on the above listed data and information, a data recovery scheme
should be put in place.
Passwords
Keep a (security protected) copy of the master passwords for Windows and
other administration password(s).
Data privacy and protection
Compliance with local regulations must be addressed. This can concern paper
listings as well as tapes and memory support.
For further information on general security issues regarding Siemens products,
please refer to the internal documentation and procedures on this subject.