Date: May 19, 2024, 4:43:05 PM
Date: Jul 9, 2021, 6:49:39 AM
Editor:
Editor: louds
Name:
Name: ANSSI - Guideline for a healthy information system
Description:
Description: Set of recommendations based on the Guideline for a healthy information system created by the ANSSI.

t1{}t1{
2    "authors": [
3        "louds"
4    ],
5    "label": "ANSSI - Guideline for a healthy information system",
6    "language": "EN",
7    "refs": [
8        "https://www.ssi.gouv.fr/en/guide/40-essential-measures-for-a-healthy-network/"
9    ],
10    "uuid": "70ea1b7f-169d-481f-9d97-67e9a50f6719",
11    "values": [
12        {
13            "code": "ANSSI - R1",
14            "description": "Train the operational teams in information system security",
15            "importance": 0,
16            "uuid": "223e6c30-b964-4998-81a6-9afa4072cb42"
17        },
18        {
19            "code": "ANSSI - R2",
20            "description": "Raise users’ awareness about basic information security",
21            "importance": 0,
22            "uuid": "a789bdb6-4865-452b-bd62-cc8ed2d13a1c"
23        },
24        {
25            "code": "ANSSI - R2+",
26            "description": "Raise users’ awareness about basic information security (+ strengthened actions)",
27            "importance": 0,
28            "uuid": "02064c50-de13-4ea9-9e17-319bc2ac7d94"
29        },
30        {
31            "code": "ANSSI - R3",
32            "description": "Control outsourced services",
33            "importance": 0,
34            "uuid": "e75eb64f-7835-4204-a308-cf6dc9baf3f8"
35        },
36        {
37            "code": "ANSSI - R4",
38            "description": "Identify the most sensitive information and servers and keep a network diagram",
39            "importance": 0,
40            "uuid": "888be2b9-dc80-4603-abc7-e8ae6f52fb9b"
41        },
42        {
43            "code": "ANSSI - R5",
44            "description": "Have an exhaustive inventory of privileged accounts and keep it updated",
45            "importance": 0,
46            "uuid": "d8b48af9-7996-4b4f-9ae2-8636ff3ec9c2"
47        },
48        {
49            "code": "ANSSI - R6",
50            "description": "Organise the procedures relating to users joining, departing and changing positions",
51            "importance": 0,
52            "uuid": "fe9286d8-9a6c-42f9-97f1-9d1093ceef50"
53        },
54        {
55            "code": "ANSSI - R6+",
56            "description": "Organise the procedures relating to users joining, departing and changing positions (+ strengthened actions)",
57            "importance": 0,
58            "uuid": "07064ab4-9dc7-4175-9d15-4d2fef8b710b"
59        },
60        {
61            "code": "ANSSI - R7",
62            "description": "Only allow controlled devices to connect to the network of the organization",
63            "importance": 0,
64            "uuid": "145aba5b-93c9-44b6-b9f5-f622f7b830e1"
65        },
66        {
67            "code": "ANSSI - R7+",
68            "description": "Only allow controlled devices to connect to the network of the organization (+ strengthened actions)",
69            "importance": 0,
70            "uuid": "48f01622-0fed-4736-93ea-19f4876c95f1"
71        },
72        {
73            "code": "ANSSI - R8",
74            "description": "Identify each individual accessing the system by name and distinguish the user/administrator roles",
75            "importance": 0,
76            "uuid": "e68eaaef-6693-4c5c-8f08-364e67e13571"
77        },
78        {
79            "code": "ANSSI - R8+",
80            "description": "Identify each individual accessing the system by name and distinguish the user/administrator roles (+ strengthened actions)",
81            "importance": 0,
82            "uuid": "50c68221-dbd1-4632-9fcd-c5718753b8b7"
83        },
84        {
85            "code": "ANSSI - R9",
86            "description": "Allocate the correct  rights to the information system’s sensitive resources",
87            "importance": 0,
88            "uuid": "c2f504b1-58b0-4d37-8d30-3a536ec7f310"
89        },
90        {
91            "code": "ANSSI - R10",
92            "description": "Set and verify rules for the choice and size of passwords",
93            "importance": 0,
94            "uuid": "31d20164-2e71-4fc5-8b74-1b20cec62135"
95        },
96        {
97            "code": "ANSSI - R11",
98            "description": "Protect passwords stored on systems",
99            "importance": 0,
100            "uuid": "afc1c8d0-029a-4ab2-a0c1-95b02d00afe9"
101        },
102        {
103            "code": "ANSSI - R12",
104            "description": "Change the default authentication settings on devices and services",
105            "importance": 0,
106            "uuid": "8b177341-edfb-437c-bf9d-e80bac2564da"
107        },
108        {
109            "code": "ANSSI - R12+",
110            "description": "Change the default authentication settings on devices and services (+ strengthened actions)",
111            "importance": 0,
112            "uuid": "263d0733-4ebb-4464-9971-2ada65b70bdb"
113        },
114        {
115            "code": "ANSSI - R13",
116            "description": "Prefer a two-factor authentication when possible",
117            "importance": 0,
118            "uuid": "d549a5f3-06e3-4aaf-8f76-df672a8be633"
119        },
120        {
121            "code": "ANSSI - R13+",
122            "description": "Prefer a two-factor authentication when possible (+ strengthened actions)",
123            "importance": 0,
124            "uuid": "929c00f4-5f9c-40e1-86cc-de901981aebf"
125        },
126        {
127            "code": "ANSSI - R14",
128            "description": "Implement a minimum level of security across the whole IT stock",
129            "importance": 0,
130            "uuid": "c97f287f-73c7-4040-bf58-14cc203bb701"
131        },
132        {
133            "code": "ANSSI - R14+",
134            "description": "Implement a minimum level of security across the whole IT stock (+ strengthened actions)",
135            "importance": 0,
136            "uuid": "04b41edb-fb77-4072-a76d-956a40716515"
137        },
138        {
139            "code": "ANSSI - R15",
140            "description": "Protect against threats relating to the use of removable media",
141            "importance": 0,
142            "uuid": "8b12b208-e294-4ece-a42c-6f6a21f47c72"
143        },
144        {
145            "code": "ANSSI - R15+",
146            "description": "Protect against threats relating to the use of removable media (+ strengthened actions)",
147            "importance": 0,
148            "uuid": "0ad578e6-a437-4633-b65a-1e7ee3e8be30"
149        },
150        {
151            "code": "ANSSI - R16",
152            "description": "Use a centralised management tool to standardise security policies",
153            "importance": 0,
154            "uuid": "85e2d429-6c19-47d1-94d5-73d0ce70a7fe"
155        },
156        {
157            "code": "ANSSI - R17",
158            "description": "Activate and configure the firewall on workstations",
159            "importance": 0,
160            "uuid": "699cad6f-85b5-44a4-bd2d-a2eee6acacac"
161        },
162        {
163            "code": "ANSSI - R17+",
164            "description": "Activate and configure the firewall on workstations (+ strengthened actions)",
165            "importance": 0,
166            "uuid": "7df4ae40-45fd-4b03-82b4-d92e0c2069bc"
167        },
168        {
169            "code": "ANSSI - R18",
170            "description": "Encrypt sensitive data sent through the Internet",
171            "importance": 0,
172            "uuid": "08b28355-6bc7-49d0-b34c-72c0a0aa690f"
173        },
174        {
175            "code": "ANSSI - R19",
176            "description": "Segment the network and implement a partitioning between these areas",
177            "importance": 0,
178            "uuid": "c70a2f46-1907-41e5-9d66-c62bb290428f"
179        },
180        {
181            "code": "ANSSI - R20",
182            "description": "Ensure the security of Wi-Fi access networks and that uses are separated",
183            "importance": 0,
184            "uuid": "fa99ac96-1418-4347-88f3-4c2061e0a37d"
185        },
186        {
187            "code": "ANSSI - R21",
188            "description": "Use secure network protocols when they exist",
189            "importance": 0,
190            "uuid": "5569e6c1-88af-4b50-961d-8e6e90b9cc85"
191        },
192        {
193            "code": "ANSSI - R22",
194            "description": "Implement a secure access gateway to the Internet",
195            "importance": 0,
196            "uuid": "9823ff67-8899-428c-94d3-06ce13735624"
197        },
198        {
199            "code": "ANSSI - R22+",
200            "description": "Implement a secure access gateway to the Internet (+ strengthened actions)",
201            "importance": 0,
202            "uuid": "221b51f5-ffeb-4f8a-9d5c-6924cdb632b7"
203        },
204        {
205            "code": "ANSSI - R23",
206            "description": "Segregate the services visible from the Internet from the rest of the information system",
207            "importance": 0,
208            "uuid": "c1a2a2c6-2823-40f5-a35c-94e3c3244c25"
209        },
210        {
211            "code": "ANSSI - R24",
212            "description": "Protect your professional email",
213            "importance": 0,
214            "uuid": "87175056-58f9-4d0b-b072-fb07bafd4dc6"
215        },
216        {
217            "code": "ANSSI - R24+",
218            "description": "Protect your professional email (+ strengthened actions)",
219            "importance": 0,
220            "uuid": "8b1a199d-fbdf-42e3-94e4-8edf0af3aee5"
221        },
222        {
223            "code": "ANSSI - R25",
224            "description": "Secure the dedicated network interconnections with partners",
225            "importance": 0,
226            "uuid": "2d4fb180-e92c-4d6f-aff2-895a0f386171"
227        },
228        {
229            "code": "ANSSI - R25+",
230            "description": "Secure the dedicated network interconnections with partners (+ strengthened actions)",
231            "importance": 0,
232            "uuid": "a6d5763d-ef7c-4303-942b-ad8359182c31"
233        },
234        {
235            "code": "ANSSI - R26",
236            "description": "Control and protect access to the server rooms and technical areas",
237            "importance": 0,
238            "uuid": "d050bb64-1057-4d1f-88ab-d51ba74d25c9"
239        },
240        {
241            "code": "ANSSI - R27",
242            "description": "Prohibit Internet access from devices or servers used by the information system administration",
243            "importance": 0,
244            "uuid": "da32da25-83d0-4b37-9e59-40e6938e4e47"
245        },
246        {
247            "code": "ANSSI - R27+",
248            "description": "Prohibit Internet access from devices or servers used by the information system administration (+ strengthened actions)",
249            "importance": 0,
250            "uuid": "db888654-1102-4ad2-abcd-6bc40c0aa053"
251        },
252        {
253            "code": "ANSSI - R28",
254            "description": "Use a dedicated and separated network for information system administration",
255            "importance": 0,
256            "uuid": "039f1371-3adf-4433-880e-6891e75b598e"
257        },
258        {
259            "code": "ANSSI - R28+",
260            "description": "Use a dedicated and separated network for information system administration (+ strengthened actions)",
261            "importance": 0,
262            "uuid": "9452a67a-dd41-4ed7-b973-df197d722282"
263        },
264        {
265            "code": "ANSSI - R29",
266            "description": "Reduce administration rights on workstations to strictly operational needs",
267            "importance": 0,
268            "uuid": "33da8384-f91a-40c2-81e8-3cae0da754ac"
269        },
270        {
271            "code": "ANSSI - R30",
272            "description": "Take measures to physically secure mobile devices",
273            "importance": 0,
274            "uuid": "78f0174f-3036-44be-83ee-e9074092345b"
275        },
276        {
277            "code": "ANSSI - R30+",
278            "description": "Take measures to physically secure mobile devices (+ strengthened actions)",
279            "importance": 0,
280            "uuid": "4a46bdc6-9c94-4552-a747-777cd35f3551"
281        },
282        {
283            "code": "ANSSI - R31",
284            "description": "Encrypt sensitive data , in particular on hardware that can potentially be lost",
285            "importance": 0,
286            "uuid": "00ab5b42-edeb-4e5f-91a4-ee1f5ca544fc"
287        },
288        {
289            "code": "ANSSI - R32",
290            "description": "Secure the network connection of devices used in a mobile working situation",
291            "importance": 0,
292            "uuid": "e34f7dea-07d0-4457-9ad8-35dc8b57d566"
293        },
294        {
295            "code": "ANSSI - R32+",
296            "description": "Secure the network connection of devices used in a mobile working situation (+ strengthened actions)",
297            "importance": 0,
298            "uuid": "e7ac108a-4ff8-4ca7-8ec2-7674e871b16e"
299        },
300        {
301            "code": "ANSSI - R33",
302            "description": "Adopt security policies dedicated to mobile devices",
303            "importance": 0,
304            "uuid": "c63fd77c-edb2-4ade-96d3-c89db095a69a"
305        },
306        {
307            "code": "ANSSI - R33+",
308            "description": "Adopt security policies dedicated to mobile devices (+ strengthened actions)",
309            "importance": 0,
310            "uuid": "9b70ff0f-cf60-41bd-a405-51a68df25bec"
311        },
312        {
313            "code": "ANSSI - R34",
314            "description": "Define an update policy for the components of the information system",
315            "importance": 0,
316            "uuid": "8cac85b0-7553-440f-a439-dd4d00d1d49c"
317        },
318        {
319            "code": "ANSSI - R35",
320            "description": "Anticipate the software and system end of life/maintenance and limit software reliance",
321            "importance": 0,
322            "uuid": "8e1118bc-667b-4598-ace1-deed3945368c"
323        },
324        {
325            "code": "ANSSI - R36",
326            "description": "Activate and configure the most important component logs",
327            "importance": 0,
328            "uuid": "c1d6de0a-0d7a-4632-a7a9-680b34d9218f"
329        },
330        {
331            "code": "ANSSI - R36+",
332            "description": "Activate and configure the most important component logs (+ strengthened actions)",
333            "importance": 0,
334            "uuid": "946ebe15-6f21-4342-ac43-3f4ea6607a80"
335        },
336        {
337            "code": "ANSSI - R37",
338            "description": "Define and apply a backup policy for critical components",
339            "importance": 0,
340            "uuid": "e759976b-9b83-4f81-a35b-c69da63edd06"
341        },
342        {
343            "code": "ANSSI - R37+",
344            "description": "Define and apply a backup policy for critical components (+ strengthened actions)",
345            "importance": 0,
346            "uuid": "8c21d548-812f-4249-8c74-5bedb2f1a9cf"
347        },
348        {
349            "code": "ANSSI - R38+",
350            "description": "Undertake regular controls and security audits then apply the associated corrective actions",
351            "importance": 0,
352            "uuid": "0a736d33-55ac-4711-b1e0-ce2ebe761e75"
353        },
354        {
355            "code": "ANSSI - R39",
356            "description": "Designate a point of contact in information system security and make sure staff are aware of him or her",
357            "importance": 0,
358            "uuid": "140e1184-8547-4429-a881-9ff3f043d7e2"
359        },
360        {
361            "code": "ANSSI - R40",
362            "description": "Define a security incident management procedure",
363            "importance": 0,
364            "uuid": "38d26ad0-2ccf-429f-b046-ddb03e533bb6"
365        },
366        {
367            "code": "ANSSI - R41+",
368            "description": "Carry out a formal risk assessment",
369            "importance": 0,
370            "uuid": "d4498025-0240-4033-8a7f-e90c69134c8e"
371        },
372        {
373            "code": "ANSSI - R42+",
374            "description": "Favour the use of products and services qualified by ANSSI",
375            "importance": 0,
376            "uuid": "a526b314-d2db-44f3-a9c8-7af2320e7d1a"
377        }
378    ],
379    "version": 0
380}
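Review bot: The only entry in `refs` is a URL whose slug reads `40-essential-measures-for-a-healthy-network`, while the label and the `values` array use a numbering that runs to `ANSSI - R42+`, so the reference and the codes appear to come from different editions of the guide. Anyone mapping controls against this referential needs to open the exact document the codes were taken from, so the link should point at that edition. `ANSSI - R38+`, `ANSSI - R41+` and `ANSSI - R42+` have no base entry and their descriptions lack the `(+ strengthened actions)` suffix that every other `+` code carries; presumably these measures exist only at the strengthened level, but that should be confirmed against the guide and the convention made consistent. Two descriptions contain stray whitespace that will surface in generated reports: `Allocate the correct  rights` (R9) and `Encrypt sensitive data , in particular` (R31). Every entry also has `"importance": 0`; if the consuming tool ranks or filters on that field, it is worth stating whether 0 means "unset".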