S 1.38 Suitable siting of a modem

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: IT users, Administrator

To prevent misuse of modems, it must be ensured that only authorised persons have physical access to this equipment. Misuse in this case implies, firstly, unauthorised data transmissions possibly resulting in costs, virus infiltration or the transfer of confidential information outside, and secondly, unauthorised alteration or viewing of the modem configuration possibly resulting in security weaknesses.

To control physical access to an external or PCMCIA modem, it must be ensured, for example, that modems operated continuously are kept inside locked rooms and modems operated temporarily are kept safely inside cabinets when not in use. The provisions in Chapter 4.3.1 Office are to be observed here.

Due to its integration in an IT system, an internal modem has a higher intrinsic degree of physical protection. In this case, it is sufficient to observe the measures in Chapter 4.3.1 Office or 4.3.2 Server Room.

If access to the internal network is created via a modem or a modem pool, Chapter 7.3 Firewall should be consulted. Access to the internal network should not be created via modems whilst bypassing an existing firewall.

If more external accesses to a network protected by a firewall are to be created with a modem pool, this must be set up on the insecure side of the firewall (c.f. S 2.77 Correct Configuration of Other Components). The modem pool shouls be set up with the relevant server in a security server room. The safeguards contained in Chapter 4.3.2 Server Room should be observed.