10.1.1 Requirements for operational environment

The following operational environment for the computer must be granted:

·     Requirements for connecting to a network:

-      Network connections must be secured in a way that makes it possible to recognise and suppress attacks, e.g. by firewall and by using adequate anti-virus software.

·     Requirements for IT platforms and applications:

-      It must be granted that no attacks can be executed that origin from the hardware that runs Governikus DATA Boreum. It must be ensured that the software installed on the computer cannot be manipulated or changed, that no viruses or trojans can soak in and that the hardware cannot be changed in a prohibited way.

·     Requirements for protection against access of unauthorised persons and data exchange by data mediums: The following constructional, personnel, and organisational requirements must be met: 

-      It must be ensured that unauthorised persons don't have access to the computer that runs Governikus DATA Boreum or that unauthorised access is recognised without fail, for example by locking the computer or locking the room while absent.

-      It must be ensured that while data is transferred form data mediums no viruses or trojans are transferred along, e.g. by using adequate anti-virus software.