removed emoji from filenames, Obsidian changed all relevant links
This commit is contained in:
parent
d316285a74
commit
68f1c38681
638 changed files with 710 additions and 3176 deletions
|
|
@ -1,72 +0,0 @@
|
|||
# Examples of measures for different TLP classifications
|
||||
|
||||
*Voor Nederlands, zie [hier](Voorbeelden%20van%20maatregelen%20bij%20verschillende%20TLP%20classificaties.md).*
|
||||
|
||||
**TLP: CLEAR**
|
||||
- No measures
|
||||
- No restriction on the use of AI tools
|
||||
- Documents are labeled with TLP:CLEAR
|
||||
|
||||
**TLP: GREEN**
|
||||
- Access limited to[^1] :
|
||||
- the organization itself
|
||||
- authorized external parties
|
||||
- using MFA (Multi-Factor Authentication)
|
||||
- SharePoint/Teams/OneDrive:
|
||||
- placement in folders that are broadly accessible internally is allowed
|
||||
- sharing only with authorized external parties
|
||||
- placement on your personal OneDrive is allowed
|
||||
- Cloud services and collaboration tools:
|
||||
- only use solutions approved/managed by the organization
|
||||
- Emailing and sending:
|
||||
- additional measures are not necessary (such as encrypted email or secure connections)
|
||||
- Use of Co-pilot is allowed
|
||||
- Devices and locations:
|
||||
- storage and access only via managed devices
|
||||
- do not leave devices unattended
|
||||
- printing only on approved/secure printers
|
||||
- physical documents should only be kept in approved locations
|
||||
- Documents are labeled with TLP:GREEN
|
||||
|
||||
**TLP: AMBER (+STRICT)**
|
||||
*All measures/restrictions of TLP:GREEN apply, plus:*
|
||||
|
||||
- Access limited to:
|
||||
- specific teams and departments within the organization
|
||||
- specific authorized persons from external parties, under a signed NDA (Non-Disclosure Agreement)
|
||||
- SharePoint/Teams/OneDrive:
|
||||
- only place in folders that have limited internal access
|
||||
- only specific external persons may be granted access
|
||||
- placement on your personal OneDrive is _not_ allowed
|
||||
- Cloud services and collaboration tools:
|
||||
- only use solutions managed by the organization (specify)
|
||||
- only use services with strict security (such as DigiD or Bank-tokens)
|
||||
- Emailing and sending:
|
||||
- only via secure connections, in encrypted form, or via a 'secure mailing' solution (such as Zivver)
|
||||
- data transfer is monitored for abnormal patterns
|
||||
- Use of Co-pilot is _not_ allowed
|
||||
- Documents are labeled with TLP:AMBER
|
||||
|
||||
|
||||
**TLP: RED**
|
||||
*All measures/restrictions of TLP:AMBER apply, plus:*
|
||||
|
||||
- Access limited to:
|
||||
- specific persons within the organization
|
||||
- SharePoint/Teams/OneDrive:
|
||||
- only place in folders accessible to specific employees
|
||||
- external persons may _not_ be granted access
|
||||
- placement on your personal OneDrive is _not_ allowed
|
||||
- Full monitoring of data transfer: control and logging of all data traffic
|
||||
- Cloud services and collaboration tools:
|
||||
- usage is limited to ...
|
||||
- Emailing and sending:
|
||||
- Not allowed
|
||||
- Full and detailed logging of all activities
|
||||
- Devices and locations:
|
||||
- no access with mobile phones
|
||||
- printing not allowed
|
||||
- physical documents are kept in locked locations with restricted access (specify)
|
||||
- Documents are labeled with TLP:RED
|
||||
|
||||
[^1]: Controls [[ISO_27002_2022_NL_BT_5.19 Information security in supplier relationships|5.19]], [[ISO_27002_2022_NL_BT 6.6 Confidentiality or non-disclosure agreements|6.6]], [[ISO_27002_2022_NL_BT 7.2 Physical access security |7.2]]
|
||||
Loading…
Add table
Add a link
Reference in a new issue