5.4 DOS PC (multiuser)

Description

The subject here is a commercially available IBM-compatible PC run with DOS or a comparable operating system. This PC is not connected to a network. It is equipped with a floppy disk drive, a hard disk and a mouse. If available, a printer is to be directly connected to the PC. A graphic user interface can also be employed here. It is assumed that several persons use this PC, these having differing access rights to the stored data. It is also assumed that changes in users of the PC do not occur on a frequent basis.

In the event that the user is changed on a frequent basis, alternative security solutions should be considered, such as purchasing additional PCs or even setting up a local network with a possible common data base for reasons of performance and acceptance.

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection of a DOS PC (multiuser):

Force Majeure:

Organisational Shortcomings:

Human Failure:

Technical Failure:

Deliberate Acts:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.

In the following, the safeguard group "DOS PC (multiuser)" is set out:

Infrastructure:

Organisation:

Personnel:

Hardware/Software:

Contingency Planning:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000