Apply enhanced security procedures to protect data
Overview
This standard is about applying enhanced security procedures to protect a digital device and the data it may contain or access.
It involves configuring digital devices to reduce cyber security risk and improve resilience at start-up and during operation. It includes implementing multi factor authentication to access digital devices and using encryption to secure data, files and drives on digital devices.
It also includes reducing risk by adopting the principle of least privilege user status to enhance the security of digital devices during everyday use.
This standard is for those who need to apply enhanced security procedures to protect data on or accessed through digital devices to meet their own needs or as part of their duties.
Performance criteria
You must be able to:
Review and configure digital device settings to disable or modify those features not required to reduce the cyber security vulnerabilities in line with organisational procedures
Encrypt the storage drive that stores and hosts the digital device operating system to maintain cyber resilience
Implement and configure secure boot at start-up in line with organisational procedures
Add multi factor authentication access measures to access digital devices to provided enhanced security of systems and data
Operate the principle of least privilege to restrict system access to only those authorised in line with organisational policies
Use encryption to send confidential data safely by email and other digital communication methods
Secure web browsers by updating default settings to an enhanced state of protection in line with organisational policies
Knowledge and Understanding
You need to know and understand:
- The cyber security challenges faced by organisations
- The different types of security personnel and their roles in organisations
- The security measures that can be taken to reduce vulnerabilities in digital devices
- How to configure digital devices to reduce cyber security risk and improve resilience at start-up and during operation
- How to check network connection security status
- The role of multifactor authentication in improving security resilience
- How to add biometric access privileges to enabled digital devices
- The role of data, file and drive encryption to protect devices and data
- How to implement encryption for emails, local files and folders
- How to encrypt the main operating system software drive
- The ways in which cyber security attacks can be detected
- The ways in which organisations respond to cyber security attacks
- The behaviours that minimise the risk of a successful cyber security attack