Français
5. Appendix B: Example of securing an internal IS and a hybrid IS
Securing an information system hosted in-house must take into account the risk analysis, which assesses the level of threat to the entity, and the resulting security requirements for each component of the IS (business applications, data, industrial processes, etc.).
In concrete terms, this means implementing several technical and organizational security functions, with the aim of protecting the information system at the "right level":
ISSP. The definition of an information systems security policy makes it possible to clearly formalize the entity's main security principles and rules, grouped by theme (IS operations, identity management, role definitions, etc.). It is generally accompanied by the drafting of charters for users and IS administrators, and by IS awareness campaigns for all the entity's players;
...
The Ultimate Scientific and Technical Reference
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Appendix B: Example of securing an internal IS and a hybrid IS
Glossary
Bibliography
- (1) - Secrétariat général de la défense nationale - La défense en profondeur appliquée aux systèmes d'information. - Guide Version 1.1, ANSSI, juillet 2004. https://www.ssi.gouv.fr/defense-profondeur
- (2)...
Legal texts
LOI n° 2013-1168 of December 18, 2013 relating to military programming for the years 2014 to 2019 and bearing various provisions concerning defense and national security, 2013.
https://www.legifrance.gouv.fr/jorf/id/JORFTEXT000028338825/ .
LAW no. 2018-607 of July 13, 2018...
The Ultimate Scientific and Technical Reference
