Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook

Defined security arrangements for providing critical network equipment

Critical
High
Normal
Low

The security arrangements required for critical online services, such as security features, service levels, and management requirements, are carefully defined in advance. Online services include e.g. connections, networks and network security solutions (e.g. firewalls).

The security features of online services can be e.g. the following:

  • required security-related technologies such as authentication, encryption technology, and network connection management tools
  • the technical parameters required for a secure connection to network services
  • online service usage criteria that restrict access to the online service or applications as needed
Connected other frameworks and requirements:
13.1.2: Security of network services
ISO 27001
15.2.1: Monitoring and review of supplier services
ISO 27001
ID.BE-5: Resilience requirements
NIST CSF
DE.CM-1: The network monitoring
NIST CSF
5.22: Monitoring, review and change management of supplier services
ISO 27001

Protection of wireless connections

Critical
High
Normal
Low

The use of the wireless network is secured with sufficient keys and the connection traffic to the network router is encrypted. The wireless network for guest use is isolated from the company's own internal network.

Connected other frameworks and requirements:
I05: Langattomat verkot
13.1.2: Security of network services
ISO 27001
PR.PT-4: Communications and control networks
NIST CSF
8.21: Security of network services
ISO 27001

Multiple providers for critical network equipment

Critical
High
Normal
Low

For example, when the fault tolerance of a telecommunication network is critical, it can be further improved by procuring basic network services through several routes and through several service providers.

Connected other frameworks and requirements:
13.1.2: Security of network services
ISO 27001
ID.BE-4: Dependencies and critical functions
NIST CSF
ID.BE-5: Resilience requirements
NIST CSF
8.14: Redundancy of information processing facilities
ISO 27001
8.21: Security of network services
ISO 27001
No items found.