Safe placement of equipment

Critical
High
Normal
Low

For example, data processing equipment, as well as other important equipment, should be placed in the premises safely and with consideration. Placement should restrict unauthorized access to devices.

Connected other frameworks and requirements:
Toiminnan jatkuvuuden hallinta
F08: Toiminnan jatkuvuuden varmistaminen
11.1.3: Securing offices, rooms and facilities
ISO 27001
11.2.1: Equipment siting and protection
ISO 27001
11.1.4: Protecting against external and environmental threats
ISO 27001

Alarm systems for equipment environment

Critical
High
Normal
Low

Alarm systems are used to monitor the level of key environmental conditions (eg temperature and humidity) that may adversely affect the operation of data processing equipment.

Connected other frameworks and requirements:
Toiminnan jatkuvuuden hallinta
F08: Toiminnan jatkuvuuden varmistaminen
11.2.1: Equipment siting and protection
ISO 27001
11.2.2: Supporting utilities
ISO 27001
PR.IP-5: Physical operating environment
NIST CSF

Lightning protection

Critical
High
Normal
Low

All buildings and all incoming power lines and external communication lines are equipped with lightning protection.

Connected other frameworks and requirements:
11.2.1: Equipment siting and protection
ISO 27001
7.8: Laitteiden sijoitus ja suojaus
ISO 27001

Electromagnetic data breach management

Critical
High
Normal
Low

Electronic devices such as cables, monitors, copiers, tablets and smartphones leak electromagnetic radiation, from which it is possible to find out the original transmitted data with the right hardware and, for example, steal the entered username and password.

Openings in the premises' structures (windows, doors, air conditioning) are protected to prevent radiation from escaping. In addition, equipment handling confidential data is located so as to minimize the risk of leakage due to electromagnetic leakage.

Connected other frameworks and requirements:
11.1.3: Securing offices, rooms and facilities
ISO 27001
11.2.1: Equipment siting and protection
ISO 27001
I14: Hajasäteily (TEMPEST)
PR.DS-2: Data-in-transit
NIST CSF
7.3: Securing offices, rooms and facilities
ISO 27001
No items found.