IT Baseline Protection Manual - Chapter 8.2 Fax machine
8.2 Fax machine
Description
This chapter deals with information transfer via facsimile
(fax). The transmission standard (e.g. CCITT group 3)
was not used for differentiation purposes for the selection
of safeguards as part of IT baseline protection. In this
module, only customary stand-alone fax machines are
used as the basis for fax transmission, not fax insertion
cards or fax servers.
Threat Scenario
The following typical threats are assumed for fax information transfer as part of IT baseline protection:
Organisational Shortcomings:
T 2.20 Inadequate supply of printing consumables for fax machines
Human Failure:
T 3.14 Misjudgement of the legally binding of a fax
T 5.31 Unauthorised viewing of incoming fax messages
T 5.32 Evaluation of residual information in fax machines
T 5.33 Impersonating wrong senders on fax machines
T 5.34 Deliberate re-programming of the destination keys on fax machines
T 5.35 Deliberate overloading by incoming fax messages
Recommended Countermeasures (S)
For the implementation of IT baseline protection, selection of the required packages of safeguards
("modules") as described in chapters 2.3 and 2.4, is recommended.
The safeguards package for a "Fax Machine" is presented in the following.