Recommendations to secure administration of IT systems
The administration of an IS entails a set of technical and non-technical measures that among other things aim to keep the IS in operating and secure condition and to manage the minor changes or major developments.
This guide describes the security objectives and the principles for developing a secure technical architecture for administration. It proposes elements that are useful in assisting with the design. It presents a few concrete use cases but does not intend to be complete.
This document is intended for readers that have a minimum amount of knowledge to apprehend the security recommendations that are presented and the ability to adapt these recommendations to their specific context and needs. One must also refer to its organisation's IT system security policy and to the results of the risk analysis in order to determine the most pertinent recommendations to implement.