Secure engineering policy

Summary

The secure engineering policy defines rules and principles applied in design and engineering of systems, networks and infrastructure.

The policy applies to all network engineers, internal and external.

Principles

Network architecture and designs should always be peer reviewed
The four eyes-principle should be applied when medium and high impact network changes take place
Engineers should stay up-to-date of vulnerabilities in used networking technology (firewalls, routers, ...)
Engineers should not have access to Sensitive data
Software versions that no longer have security patches released are prohibited

Updated 9 months ago

What’s Next

Information security policy