April 26th 2022 Update
Alternatively, where an organisation does not control the network that a device is connected to, a host-based firewall must be configured on a device.
This works the same way as a boundary firewall but only protects the single device on which it is configured. This approach can provide for more tailored rules and means that the rules apply to the device wherever it is used. However, this increases the administrative overhead of managing firewall rules.
Security update management
The Applicant must keep all its software up-to-date. Software must be:
For optimum security and ease of implementation, it is strongly recommended that all released updates be applied within 14 days. Any longer would constitute a serious security risk while a shorter period may not be practical.
The Applicant must be in control of its user accounts and the access privileges granted to each user account that has access to the organisation’s data and services. This means the Applicant must: