Skip to main content
Policy Advisory

Policy Advisory  Communication and Network Security Standard

Date: 01/01/2025
Organization: Cybersecurity and Enterprise Risk Management
Referenced Sources: MGL Chapter 7D, Section 2

The Communication and Network Security Standard reinforces the Commonwealth’s commitment to an effective communication and network strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.

Contact

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov
Skip table of contents

Table of Contents

You skipped the table of contents section.

Purpose

This standard establishes the minimum security requirements for the Commonwealth’s network infrastructure and connectivity, including:

•Network architecture requirements to include redundancy, network 
segmentation, encryption, and the documentation of network diagrams.

•Use of network infrastructure protection such as firewalls, intrusion detection 
systems, web-proxies and data loss prevention.

•Controls to protect endpoint computing systems.

•Requirements for remote access.

•Requirements for third-party business-to-business connections.

•Requirements for secure file transfer.

Downloads

Open PDF file, 187.83 KB,  IS.017 Communication and Network Security Standard (English, PDF 187.83 KB)

Contact

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov
Referenced Sources:
MGL Chapter 7D, Section 2

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback