|
Initiation responsibility: IT Security Management
Implementation responsibility: IT-user
If protective cabinets with mechanical or electronic code locks are used, the code for these locks must be changed:
The code cannot consist of numbers which are easy to determine (e.g. personal data, arithmetical sequences).
Each valid code of a code lock must be recorded and escrowed in a secure place (see S 2.22 Depositing of passwords in a similar application). It should be noted that escrowing of the code in the associated protective cabinet is pointless.
If the protective cabinet has a further lock in addition to a code lock, a judgement should be made as to whether the code and the key are deposited together, which would allow quicker access in an emergency, or separately, so that it is more difficult for an 'attacker' to gain access.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |