Text

_

l NUREG/BR4152 LOCAL AREA NETWORK SECURITY GUIDE GENERAL SECURITY REQUIREMENTS FOR USING LOCAL AREA NETWORKS U S. Nuch Reguistory Commission Office of Informaton Resources Management DMaico of informatKm Support Services a

n A

$e #,$

• e$

1 l

l

)

\\

,JL i

80 f

l g6.$$$

Af$

(a g

"' a 9110080424 911000

~ t+*+

PDR NUREQ t"

j PDR _ j.

BR-0152 R..

j i

i 1

I E

CEb.EE E

E E

S Local Area Network Security Guide sensitive Unclassified fe turest pment m utnorized access to your LAN files.

GENERAL SECURITY REQU!REMEtTTS FOR informat. ion USING LOCAL AREA NETWORKS A Local Area Network (LAN) is a system for linking fo*b cntered on a.

5) Protect Your Unattended Terminal e a the programs, storage, and devices to multiple work-fcH steps.

stations over relatively small geographic areas.

Always logout before leaving your Typica!!y, a LAN interconnects computers within a terminalor PC.

building or a number of buildings in the same area.

1) Protect Your E uipment 9

When a PC or terminalis connected to a LAN. the working environment changes. What was private Keep food, drink, and electrical

6) Protect Against Viruses computing, becomes group computing. In this en_

appliances away from LAN equip-vironment, the LAN is an attractive target for data ment PC,terminaland media.

Never bring in or use unapproved, T

theft, disclosure, modification, and destruction.

at

~

Data, programs, and peripherats are shared by

2) Protect Your Area everyone on the LAN. New communication routes

7) Profect Your Media to corporate data make each PC and work station Recognize, polite!y chat enge, and potentiality a threat to the integrity, confidentiality, assist people who do not belong' in and availability of NRC sensitive and rnission criti-the area' cal data.

up software, removable media nd e W pnwntth t ntains

3) Protect Passwords The following instructions provide a s'ep-by-step fmed nwdia.

approachtoentering'nt. These instructions are not dataardpropertysecuringit in a LAN environme se nly penndted passwords.

8) Protect Against Disaster irtriusive; therefore, if you have any questions, change them frequently, and DO contact the Office of Information Resources Man-NOTshareyourpassword with Disasters start when data and agement (IRM), Division of Information Support 3"YODE programs are not backed up Services (DISS), or refer to NRC Appendix 2301, routinely. Always back-up Parts I and il programs, data and other

4) Protect Your Files faes and secure them property.

Classified Information Establish and periodically review access privileges for c3ch LAN-There are no current classified NRC LAN systems sensitive file. Use system security and no plans to develop such systems. NEVER,

~

under any circumstances, process or enter classi-fled information or data on a LAN system.

Unauthorized reproduction of copyrighted softwar 4 against the LAW