Provider capabilities TSK
| Name | Description |
|---|---|
| Secure network design | Provide specifications for secure network design, segmentation, addressing, and communication protocols |
| Use control policy | Control policy for the use of equipment (laptops, mobile devices ...) with procedures for restricting connections and access, as well as procedures for using software and services. Change management and updates. Procedures to permanently delete data from devices that are de-registered. Procedures for the use of encryption in data and communications. Change user password by default. |
| Cybersecurity assessment | Provide minimally invasive industrial cybersecurity assessment. First step in establishing security requirements within the context of operational needs, this can also provide meaningful information on security levels, even less deployment of protection technologies |
| Equipment use control | Control of equipment use (laptops, mobile devices, ...) to restrict access to information through encryption and blocking of malware and malicious traffic |
| Access control policy | User and group policy that will define access for each type of information established and assignment of permissions by profiles and groups |
| Certificate use policy | Policy that identifies Certification Authorities (CA), Registration Authorities (RA), applicants, subscribers and trusted third parties. As well as the characteristics of the certificates, such as their validity, own uses, unauthorized uses, issuance and revocation processes |