Industrial Internet Security Framework v 1.0 | Page 120
Security Framework
11: Security Configuration and Management
Figure 11-8: Flow of Management Data
Privacy should be factored into the system design to protect the sensitive data, anonymize it, and
control the data’s retention period and storage location, ensuring that it is properly deleted.
Privacy-sensitive data should be documented to ensure that there is adequate awareness of it. It
should be managed based on policies governing access rights and consent/revocation, and
sharing with third parties.
Careful management over the ownership of data is required to keep the security data safe from
unintended modification. The access control must be enforced on the endpoint, such as in the
configuration on a device or in the database of the management server, and in the
communications between endpoints.
11.10 SECURITY MODEL & POLICY FOR CHANGE MANAGEMENT
Changes to regulatory policy, industry standards and new directives should trigger review of the
security model. Any update affects the organization policy hierarchy. For example, when
regulatory policy strengthens network access controls, these changes must be reflected in the
organizational policy by setting access rights to certain networks to match the directives from the
regulatory policy. Changes in organizational security policy similarly require adjustment to the
machine policy for security control settings, configurations and security controls.
All policy updates must be carefully controlled and tracked with an audit trail.
IIC:PUB:G4:V1.0:PB:20160926
- 120 -