4.3 Rooms

4.3.1 Office

Description

An office is a room where one or several staff members are present in order to fulfil their duties, possibly including IT-supported tasks. Such duties may cover a wide variety of tasks: production of documents, processing of files and lists, conferences and telephone calls, reading of records and other documents, etc.

However, if an office is used primarily for keeping archives of data media, reference is also to be made to Chapter 4.3.3, "Data Media Archives". If a server (LAN; PBX, or the like) is installed in an office, the safeguards in Chapter 4.3.2 (server room) should also be observed.

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection of an office:

Organisational Shortcomings:

Human Failure:

Deliberate Acts:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.

In the following, the safeguard package for "Office" is set out:

Infrastructure:

Organisation:

Personnel:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000