Description
Set of recommendations based on the Guideline for a healthy information system created by the ANSSI.
Owning organization
Validating JSON schema
Recommendations (provided by MONARC)
Creator
License
Creative Commons Zero v1.0 Universal
Related objects
Definition of the object
{
"authors": [
"louds"
],
"label": "ANSSI - Guideline for a healthy information system",
"language": "EN",
"refs": [
"https://www.ssi.gouv.fr/en/guide/40-essential-measures-for-a-healthy-network/"
],
"uuid": "70ea1b7f-169d-481f-9d97-67e9a50f6719",
"values": [
{
"code": "ANSSI - R1",
"description": "Train the operational teams in information system security",
"importance": 0,
"uuid": "223e6c30-b964-4998-81a6-9afa4072cb42"
},
{
"code": "ANSSI - R2",
"description": "Raise users’ awareness about basic information security",
"importance": 0,
"uuid": "a789bdb6-4865-452b-bd62-cc8ed2d13a1c"
},
{
"code": "ANSSI - R2+",
"description": "Raise users’ awareness about basic information security (+ strengthened actions)",
"importance": 0,
"uuid": "02064c50-de13-4ea9-9e17-319bc2ac7d94"
},
{
"code": "ANSSI - R3",
"description": "Control outsourced services",
"importance": 0,
"uuid": "e75eb64f-7835-4204-a308-cf6dc9baf3f8"
},
{
"code": "ANSSI - R4",
"description": "Identify the most sensitive information and servers and keep a network diagram",
"importance": 0,
"uuid": "888be2b9-dc80-4603-abc7-e8ae6f52fb9b"
},
{
"code": "ANSSI - R5",
"description": "Have an exhaustive inventory of privileged accounts and keep it updated",
"importance": 0,
"uuid": "d8b48af9-7996-4b4f-9ae2-8636ff3ec9c2"
},
{
"code": "ANSSI - R6",
"description": "Organise the procedures relating to users joining, departing and changing positions",
"importance": 0,
"uuid": "fe9286d8-9a6c-42f9-97f1-9d1093ceef50"
},
{
"code": "ANSSI - R6+",
"description": "Organise the procedures relating to users joining, departing and changing positions (+ strengthened actions)",
"importance": 0,
"uuid": "07064ab4-9dc7-4175-9d15-4d2fef8b710b"
},
{
"code": "ANSSI - R7",
"description": "Only allow controlled devices to connect to the network of the organization",
"importance": 0,
"uuid": "145aba5b-93c9-44b6-b9f5-f622f7b830e1"
},
{
"code": "ANSSI - R7+",
"description": "Only allow controlled devices to connect to the network of the organization (+ strengthened actions)",
"importance": 0,
"uuid": "48f01622-0fed-4736-93ea-19f4876c95f1"
},
{
"code": "ANSSI - R8",
"description": "Identify each individual accessing the system by name and distinguish the user/administrator roles",
"importance": 0,
"uuid": "e68eaaef-6693-4c5c-8f08-364e67e13571"
},
{
"code": "ANSSI - R8+",
"description": "Identify each individual accessing the system by name and distinguish the user/administrator roles (+ strengthened actions)",
"importance": 0,
"uuid": "50c68221-dbd1-4632-9fcd-c5718753b8b7"
},
{
"code": "ANSSI - R9",
"description": "Allocate the correct rights to the information system’s sensitive resources",
"importance": 0,
"uuid": "c2f504b1-58b0-4d37-8d30-3a536ec7f310"
},
{
"code": "ANSSI - R10",
"description": "Set and verify rules for the choice and size of passwords",
"importance": 0,
"uuid": "31d20164-2e71-4fc5-8b74-1b20cec62135"
},
{
"code": "ANSSI - R11",
"description": "Protect passwords stored on systems",
"importance": 0,
"uuid": "afc1c8d0-029a-4ab2-a0c1-95b02d00afe9"
},
{
"code": "ANSSI - R12",
"description": "Change the default authentication settings on devices and services",
"importance": 0,
"uuid": "8b177341-edfb-437c-bf9d-e80bac2564da"
},
{
"code": "ANSSI - R12+",
"description": "Change the default authentication settings on devices and services (+ strengthened actions)",
"importance": 0,
"uuid": "263d0733-4ebb-4464-9971-2ada65b70bdb"
},
{
"code": "ANSSI - R13",
"description": "Prefer a two-factor authentication when possible",
"importance": 0,
"uuid": "d549a5f3-06e3-4aaf-8f76-df672a8be633"
},
{
"code": "ANSSI - R13+",
"description": "Prefer a two-factor authentication when possible (+ strengthened actions)",
"importance": 0,
"uuid": "929c00f4-5f9c-40e1-86cc-de901981aebf"
},
{
"code": "ANSSI - R14",
"description": "Implement a minimum level of security across the whole IT stock",
"importance": 0,
"uuid": "c97f287f-73c7-4040-bf58-14cc203bb701"
},
{
"code": "ANSSI - R14+",
"description": "Implement a minimum level of security across the whole IT stock (+ strengthened actions)",
"importance": 0,
"uuid": "04b41edb-fb77-4072-a76d-956a40716515"
},
{
"code": "ANSSI - R15",
"description": "Protect against threats relating to the use of removable media",
"importance": 0,
"uuid": "8b12b208-e294-4ece-a42c-6f6a21f47c72"
},
{
"code": "ANSSI - R15+",
"description": "Protect against threats relating to the use of removable media (+ strengthened actions)",
"importance": 0,
"uuid": "0ad578e6-a437-4633-b65a-1e7ee3e8be30"
},
{
"code": "ANSSI - R16",
"description": "Use a centralised management tool to standardise security policies",
"importance": 0,
"uuid": "85e2d429-6c19-47d1-94d5-73d0ce70a7fe"
},
{
"code": "ANSSI - R17",
"description": "Activate and configure the firewall on workstations",
"importance": 0,
"uuid": "699cad6f-85b5-44a4-bd2d-a2eee6acacac"
},
{
"code": "ANSSI - R17+",
"description": "Activate and configure the firewall on workstations (+ strengthened actions)",
"importance": 0,
"uuid": "7df4ae40-45fd-4b03-82b4-d92e0c2069bc"
},
{
"code": "ANSSI - R18",
"description": "Encrypt sensitive data sent through the Internet",
"importance": 0,
"uuid": "08b28355-6bc7-49d0-b34c-72c0a0aa690f"
},
{
"code": "ANSSI - R19",
"description": "Segment the network and implement a partitioning between these areas",
"importance": 0,
"uuid": "c70a2f46-1907-41e5-9d66-c62bb290428f"
},
{
"code": "ANSSI - R20",
"description": "Ensure the security of Wi-Fi access networks and that uses are separated",
"importance": 0,
"uuid": "fa99ac96-1418-4347-88f3-4c2061e0a37d"
},
{
"code": "ANSSI - R21",
"description": "Use secure network protocols when they exist",
"importance": 0,
"uuid": "5569e6c1-88af-4b50-961d-8e6e90b9cc85"
},
{
"code": "ANSSI - R22",
"description": "Implement a secure access gateway to the Internet",
"importance": 0,
"uuid": "9823ff67-8899-428c-94d3-06ce13735624"
},
{
"code": "ANSSI - R22+",
"description": "Implement a secure access gateway to the Internet (+ strengthened actions)",
"importance": 0,
"uuid": "221b51f5-ffeb-4f8a-9d5c-6924cdb632b7"
},
{
"code": "ANSSI - R23",
"description": "Segregate the services visible from the Internet from the rest of the information system",
"importance": 0,
"uuid": "c1a2a2c6-2823-40f5-a35c-94e3c3244c25"
},
{
"code": "ANSSI - R24",
"description": "Protect your professional email",
"importance": 0,
"uuid": "87175056-58f9-4d0b-b072-fb07bafd4dc6"
},
{
"code": "ANSSI - R24+",
"description": "Protect your professional email (+ strengthened actions)",
"importance": 0,
"uuid": "8b1a199d-fbdf-42e3-94e4-8edf0af3aee5"
},
{
"code": "ANSSI - R25",
"description": "Secure the dedicated network interconnections with partners",
"importance": 0,
"uuid": "2d4fb180-e92c-4d6f-aff2-895a0f386171"
},
{
"code": "ANSSI - R25+",
"description": "Secure the dedicated network interconnections with partners (+ strengthened actions)",
"importance": 0,
"uuid": "a6d5763d-ef7c-4303-942b-ad8359182c31"
},
{
"code": "ANSSI - R26",
"description": "Control and protect access to the server rooms and technical areas",
"importance": 0,
"uuid": "d050bb64-1057-4d1f-88ab-d51ba74d25c9"
},
{
"code": "ANSSI - R27",
"description": "Prohibit Internet access from devices or servers used by the information system administration",
"importance": 0,
"uuid": "da32da25-83d0-4b37-9e59-40e6938e4e47"
},
{
"code": "ANSSI - R27+",
"description": "Prohibit Internet access from devices or servers used by the information system administration (+ strengthened actions)",
"importance": 0,
"uuid": "db888654-1102-4ad2-abcd-6bc40c0aa053"
},
{
"code": "ANSSI - R28",
"description": "Use a dedicated and separated network for information system administration",
"importance": 0,
"uuid": "039f1371-3adf-4433-880e-6891e75b598e"
},
{
"code": "ANSSI - R28+",
"description": "Use a dedicated and separated network for information system administration (+ strengthened actions)",
"importance": 0,
"uuid": "9452a67a-dd41-4ed7-b973-df197d722282"
},
{
"code": "ANSSI - R29",
"description": "Reduce administration rights on workstations to strictly operational needs",
"importance": 0,
"uuid": "33da8384-f91a-40c2-81e8-3cae0da754ac"
},
{
"code": "ANSSI - R30",
"description": "Take measures to physically secure mobile devices",
"importance": 0,
"uuid": "78f0174f-3036-44be-83ee-e9074092345b"
},
{
"code": "ANSSI - R30+",
"description": "Take measures to physically secure mobile devices (+ strengthened actions)",
"importance": 0,
"uuid": "4a46bdc6-9c94-4552-a747-777cd35f3551"
},
{
"code": "ANSSI - R31",
"description": "Encrypt sensitive data , in particular on hardware that can potentially be lost",
"importance": 0,
"uuid": "00ab5b42-edeb-4e5f-91a4-ee1f5ca544fc"
},
{
"code": "ANSSI - R32",
"description": "Secure the network connection of devices used in a mobile working situation",
"importance": 0,
"uuid": "e34f7dea-07d0-4457-9ad8-35dc8b57d566"
},
{
"code": "ANSSI - R32+",
"description": "Secure the network connection of devices used in a mobile working situation (+ strengthened actions)",
"importance": 0,
"uuid": "e7ac108a-4ff8-4ca7-8ec2-7674e871b16e"
},
{
"code": "ANSSI - R33",
"description": "Adopt security policies dedicated to mobile devices",
"importance": 0,
"uuid": "c63fd77c-edb2-4ade-96d3-c89db095a69a"
},
{
"code": "ANSSI - R33+",
"description": "Adopt security policies dedicated to mobile devices (+ strengthened actions)",
"importance": 0,
"uuid": "9b70ff0f-cf60-41bd-a405-51a68df25bec"
},
{
"code": "ANSSI - R34",
"description": "Define an update policy for the components of the information system",
"importance": 0,
"uuid": "8cac85b0-7553-440f-a439-dd4d00d1d49c"
},
{
"code": "ANSSI - R35",
"description": "Anticipate the software and system end of life/maintenance and limit software reliance",
"importance": 0,
"uuid": "8e1118bc-667b-4598-ace1-deed3945368c"
},
{
"code": "ANSSI - R36",
"description": "Activate and configure the most important component logs",
"importance": 0,
"uuid": "c1d6de0a-0d7a-4632-a7a9-680b34d9218f"
},
{
"code": "ANSSI - R36+",
"description": "Activate and configure the most important component logs (+ strengthened actions)",
"importance": 0,
"uuid": "946ebe15-6f21-4342-ac43-3f4ea6607a80"
},
{
"code": "ANSSI - R37",
"description": "Define and apply a backup policy for critical components",
"importance": 0,
"uuid": "e759976b-9b83-4f81-a35b-c69da63edd06"
},
{
"code": "ANSSI - R37+",
"description": "Define and apply a backup policy for critical components (+ strengthened actions)",
"importance": 0,
"uuid": "8c21d548-812f-4249-8c74-5bedb2f1a9cf"
},
{
"code": "ANSSI - R38+",
"description": "Undertake regular controls and security audits then apply the associated corrective actions",
"importance": 0,
"uuid": "0a736d33-55ac-4711-b1e0-ce2ebe761e75"
},
{
"code": "ANSSI - R39",
"description": "Designate a point of contact in information system security and make sure staff are aware of him or her",
"importance": 0,
"uuid": "140e1184-8547-4429-a881-9ff3f043d7e2"
},
{
"code": "ANSSI - R40",
"description": "Define a security incident management procedure",
"importance": 0,
"uuid": "38d26ad0-2ccf-429f-b046-ddb03e533bb6"
},
{
"code": "ANSSI - R41+",
"description": "Carry out a formal risk assessment",
"importance": 0,
"uuid": "d4498025-0240-4033-8a7f-e90c69134c8e"
},
{
"code": "ANSSI - R42+",
"description": "Favour the use of products and services qualified by ANSSI",
"importance": 0,
"uuid": "a526b314-d2db-44f3-a9c8-7af2320e7d1a"
}
],
"version": 0
}