T5.6.2 - SENSITIVE SYSTEM ISOLATION Implementation Guidance
The entity shall build a dedicated environment for sensitive systems.
Back to T5.6.2 - P2 - SENSITIVE SYSTEM ISOLATION
The following points should be considered for sensitive system isolation:
- A. The sensitivity of an application system should be explicitly identified and documented by the application owner
- B. Access to sensitive systems in data centers should be restricted by using physical cages on workstations to prohibit access to certain external ports, or disabling/removing the ability to insert, read or write to such devices
- C. When a sensitive application is to run in a shared environment, the application systems with which it will share resources and the corresponding risks should be identified and accepted by the owner of the sensitive application
