The organization must have a strategy for developing and maintaining a cyber security architecture.
The strategy must match the organization's cyber security program and the organization's architecture.
The architecture must include:
Access to buildings containing critical systems must be constantly monitored to detect unauthorized access or suspicious activity. The following issues should be taken into account in monitoring practices:
Information related to surveillance systems should be kept confidential, as disclosure of information can facilitate undetected breaches. The monitoring systems themselves must also be properly protected, so that the recordings or system status cannot be affected without permission.
All endpoint devices in the organization should be protected by a properly configured software firewall that monitors traffic, accepts compliant traffic, and monitors users.
A firewall protects against malware and attacks that come from inside or outside your organization's network.
The organization must have a list of approved applications, and application sources, that are allowed to be used on the organization's endpoint devices.
The organization should, if possible, automate the management of approved software, for example with policies from a mobile device management system.
An endpoint security management system can be used to require that devices meet the desired security criteria before they are allowed to connect to network resources. Devices can be laptops, smartphones, tablets or industry-specific hardware.
Criteria for the use of network resources may include, for example, an approved operating system, VPN and antivirus systems, and the timeliness of their updates.
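The following added example (not part of the original text, and not any product's API) sketches how such criteria can be evaluated before a device is admitted, denying access when an attribute is stale or not reported at all. The `DeviceReport` fields, the approved operating system names and the age limits are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Constructed policy values for illustration; real ones come from the organization.
APPROVED_OS = {"windows-11", "macos-14", "ios-17"}
MAX_OS_UPDATE_AGE = timedelta(days=30)
MAX_AV_SIGNATURE_AGE = timedelta(days=7)

@dataclass
class DeviceReport:  # hypothetical shape of what an endpoint agent reports
    device_id: str
    os_name: Optional[str] = None
    last_os_update: Optional[date] = None
    vpn_client_installed: Optional[bool] = None
    antivirus_running: Optional[bool] = None
    av_signatures_date: Optional[date] = None

def is_fresh(when, today, max_age):
    # A missing date or one in the future is treated as not fresh (fail closed).
    return when is not None and timedelta(0) <= today - when <= max_age

def evaluate_posture(report, today):
    """Return (allowed, reasons); any unmet or unreported criterion denies access."""
    reasons = []
    if report.os_name not in APPROVED_OS:
        reasons.append("operating system not approved")
    if not is_fresh(report.last_os_update, today, MAX_OS_UPDATE_AGE):
        reasons.append("operating system updates out of date")
    if report.vpn_client_installed is not True:
        reasons.append("approved VPN client missing")
    if report.antivirus_running is not True:
        reasons.append("antivirus not running")
    if not is_fresh(report.av_signatures_date, today, MAX_AV_SIGNATURE_AGE):
        reasons.append("antivirus signatures out of date")
    return (not reasons, reasons)

# Constructed sample reports: a compliant laptop, a stale tablet, a partial report.
TODAY = date(2024, 6, 1)
LAPTOP = DeviceReport("laptop-01", "windows-11", date(2024, 5, 20), True, True, date(2024, 5, 30))
TABLET = DeviceReport("tablet-07", "ios-17", date(2024, 3, 1), True, True, date(2024, 5, 31))
PARTIAL = DeviceReport("sensor-03", "windows-11")

if __name__ == "__main__":
    for device in (LAPTOP, TABLET, PARTIAL):
        allowed, reasons = evaluate_posture(device, TODAY)
        print(device.device_id, "ALLOW" if allowed else "DENY", "; ".join(reasons))
```

Returning the list of unmet criteria alongside the decision lets the same check drive both enforcement and the remediation message shown to the device owner.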