|
Article 6
|
(Network Equipment Protection Standards)
- An organization shall avoid using end-of-service (EOS) or end-of-life (EOL) network equipment and devise replacement related plans with regard to such equipment.
- An organization shall check for official releases of updates to software, firmware, vulnerability remediation programs and, upon evaluation, update network equipment to the current version or the supplier proposed version.
- An organization shall implement identity verification when it performs remote maintenance of the system through connection by the Internet to the intranet.
- The protection standards applicable to all the network equipment of an organization are governed by the Reference Guidelines on the Protection of the Information and Communication Systems of Service Enterprises in Securities and Futures Markets.
|