Physical security issues are an important part of your overall system security. To assure your system is secure, you must have locks on doors to secure areas. Only trusted individuals and those authorized to perform relevant job tasks should have access to computer rooms, operator consoles, and in some cases, printer rooms. Some sites may want to secure the mailroom and report distribution so that sensitive data is not left in the open where others may see it.
CA Top Secret MLS can provide output destination control for printers. Each printer can be assigned a security label that prints only those jobs whose security labels pass the dominance check against its own security label. This feature allows you to distribute printers throughout your site rather than confine them to a secure computer room. Printers must be channel-attached. Since devices are daisy-chained on the channels, if you have a printer in a room that is cleared lower than system high (SYSHIGH), you must ensure that no other device on the same channel processes data labeled higher than the clearance of the room.
Systems that allow legitimate user access to their components (for example, removable media) should be used only in environments where both administrative and ordinary users are trusted to access all data in the system and are trusted not to misuse their physical access permission.
Ensure that the level of trust associated with the physical environment containing a system's peripheral always dominates the security label associated with that peripheral.
Secure systems should include a policy that does not permit passwords to appear on JCL card decks and password encryption at terminals.
|
Copyright © 2010 CA Technologies.
All rights reserved.
|
|