T7.6.4 - INFORMATION LEAKAGE Implementation Guidance
The entity shall prevent opportunities for information leakage.
Back to T7.6.4 - P2 - INFORMATION LEAKAGE
The following should be considered to limit the risk of information leakage, e.g. through the use and exploitation of covert channels:
- A. Scanning of outbound media and communications for hidden information
- B. Masking and modulating system and communications behavior to reduce the likelihood of a third party being able to deduce information from such behavior
- C. Making use of systems and software that are considered to be of high integrity, e.g. using evaluated products
- D. Regular monitoring of personnel and system activities, where permitted under existing legislation or regulation
- E. Monitoring resource usage in computer systems
