Advisory

Advisory  Communication and Network Security Standard

Date: 10/05/2018
Organization: Cybersecurity and Enterprise Risk Management
Referenced Sources: MGL Chapter 7D, Section 2

The Communication and Network Security Standard details requirements for network security management, remote access security management, third-party network access and secure file transfer by the Commonwealth of Massachusetts. 

Contact

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Table of Contents

Purpose

This standard establishes security requirements for the Commonwealth’s network infrastructure and connectivity, including:

  • Network architecture requirements to include redundancy, network segmentation, encryption and the documentation of network diagrams
  • Use of network infrastructure protection such as firewalls, intrusion detection systems, web-proxies and data loss prevention
  • Controls to protect end-point computing systems
  • Requirements for remote access
  • Requirements for third-party business-to-business connections
  • Requirements for secure file transfer

Contact

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov
Referenced Sources:

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback