|
Initiation responsibility: PBX officer; IT Security Management
Implementation responsibility: Administrators
Where administration of a PBX is ensured by means of an operator's PC, the latter must be provided, as a minimum, with the safeguards usually furnished for PCs (cf. Part I, Chapter 5.1 DOS PC (single user)).
Optionally:
In the event that the PBX system does not have sufficient security functions for the management of rights and access protection, the use of conventional devices (port controllers) available on the market may be considered. Using devices of this kind, reliable identification and authentication procedures can be carried out.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |