DS5.7 Protection of Security Technology
Make security and related technology tamper-resistant. Do not unnecessarily disclose or distribute security documentation.
Illustrative Controls and the TIBCO LogLogic Solution
Because of their criticality, security technologies must be protected from unauthorized tampering and modification. Documentation and information about security design and infrastructure should be protected appropriately.
To satisfy this objective, the organization should implement and monitor available tamper controls for deployed security technologies. System operations and related events that might signal tampering should be logged and monitored closely. Access to security-related documentation must be strictly controlled and monitored to detect inappropriate access.
Copyright © Cloud Software Group, Inc. All rights reserved.