Advisory Communication and Network Security Standard

Date:	10/05/2018
Organization:	Cybersecurity and Enterprise Risk Management
Referenced Sources:	MGL Chapter 7D, Section 2

The Communication and Network Security Standard details requirements for network security management, remote access security management, third-party network access and secure file transfer by the Commonwealth of Massachusetts.

Cybersecurity and Enterprise Risk Management

Online

Cybersecurity questions: CommonwealthCISO@mass.gov

Risk management questions: ERM@mass.gov

Report cybersecurity or data breach: eotss-soc@mass.gov

Skip table of contents

Purpose

This standard establishes security requirements for the Commonwealth’s network infrastructure and connectivity, including:

Network architecture requirements to include redundancy, network segmentation, encryption and the documentation of network diagrams
Use of network infrastructure protection such as firewalls, intrusion detection systems, web-proxies and data loss prevention
Controls to protect end-point computing systems
Requirements for remote access
Requirements for third-party business-to-business connections
Requirements for secure file transfer

Downloads for Communication and Network Security Standard

IS.006 Communication and Network Security Standard (PDF 232.03 KB)

Contact for Communication and Network Security Standard

Online

Cybersecurity questions: CommonwealthCISO@mass.gov

Risk management questions: ERM@mass.gov

Report cybersecurity or data breach: eotss-soc@mass.gov

Table of Contents

Advisory Communication and Network Security Standard

Contact for Communication and Network Security Standard

Cybersecurity and Enterprise Risk Management

Online

Table of Contents

Purpose

Downloads for Communication and Network Security Standard

Contact for Communication and Network Security Standard

Cybersecurity and Enterprise Risk Management

Online