From Mobile Policy Security Requirements Guide
Part of SRG-MPOL-072
Associated with: CCI-001456
Given the continuous threat level in today's global environment, there are certain locations presenting significant risks to an organization's personnel, equipment, and data. To afford an increased level of awareness and security for its personnel, equipment, and data, an organization must identify those locations representing a higher level of risk. Failure of an organization to identify these locations could result in dangerous situations for its personnel, such as; damaged, stolen or compromised equipment; or unauthorized access to, modification of, or destruction of sensitive or classified data.
Review the organization's security policy and procedures to ensure the organization has developed and documented a list of high risk locations, and has published this list to its security staff and other organizational personnel. Also examine the date of last update to ensure the list is periodically reviewed and updated. Interview organization security staff to determine if a high risk location list exists and if it is periodically reviewed and updated. If the organization has not developed and disseminated a list of high risk locations, this is a finding.
Develop and document a list of high risk locations, and publish this list to security staff and other organizational personnel.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer