Please select user.
There are no topics yet.
Form the IT Security Policy 3.14: Should a user receive a spam e-mail, he / she must inform [job title].) This may be something to think about for (specific) phishing mails, but is certainly not suitable for spam, here 98% of all email is spam and once in a while one gets through the filters.
In the past years, encryption has become a key control for protection of integrity and confidentiality of data. Many organizations use encryption technology such as disk encryption provided by the OS with managed keys. I am surprised to see this statement as not allowed per IT Security Policy:
auf einem lokalen Rechner Kryptographie (Verschlüsselung) zu nutzen, außer in den Fällen, die in der Richtlinie zur Klassifizierung von Informationen
(Use cryptography (encryption) on a local machine, except in the cases specified in the Information Classification Policy)
This seems to be an old control to ensure availability. In my view, any organization should make it mandatory to use the corporate encryption solution – and central key management.