Recommended Baseline Types for IT Assets - PAS Integrity Software Suite - 7.3 - Administration & Configuration - Intergraph

Integrity Administration Guide

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Administration & Configuration
PAS Version
7.3

On the IT side, PAS by Hexagon recommends the following methodology for conducting a risk ranking of IT assets:

user-cyber-base-riskIT

Computer assets with a Low risk level (basic inventory):

  • Vendor-Provided Software: Compiled (or has the ability to be compiled) machine language instructions specific to an individual Windows computer provided by the vendor as part of the standard manufactured product.

Managed switches, routers, and firewalls with Low risk level (basic inventory):

  • Vendor-Provided Software: Compiled (or has the ability to be compiled) machine language instructions specific to an individual node provided by the vendor as part of the standard manufactured product.

  • Vendor-Provided Hardware: Collection of physical elements that constitutes a node provided by the vendor as part of the standard manufactured product.

Computer assets with a Medium risk level (detailed inventory):

  • Base Configuration: Attributes that are configured on an individual node that define how or what the system is on the network and/or what it controls/has access to.

  • Scripts: Uncompiled (does not have the ability to be compiled) scripting language files typically used for simulating user interaction, system administration, automating day-to-day office tasks, or system monitoring.

Managed switches, routers, and firewalls with Medium risk level (detailed inventory):

  • Basic Configuration: Attributes that are configured on an individual node that define how or what the system is on the network and/or what it controls/has access to.

Computer assets with a High risk level (connection):

  • Communication: Communication that occurs outside of the current asset or within the same node but not within the same component.

Managed switches, routers, and firewalls with a High risk level (connection):

  • Communication: Communication that occurs outside of the current asset or within the same asset but not within the same node.

Computer assets with a Safety Critical risk level (physical and logical security):

  • Vendor-Provided Hardware: Collection of physical elements that constitutes a node provided by the vendor as part of the standard manufactured product.

  • Secure Data: Any configuration that deals with the security or encryption of data.

  • Physical Security: Collection of physical elements that constitutes a node provided by the vendor as part of the standard manufactured product.

  • Logical Security: Any configuration that deals with the security or encryption of data.

Managed switches, routers, and firewalls with a Safety Critical risk level (physical and logical security):

  • Logical Security: Any configuration that deals with the security or encryption of data.

While PAS by Hexagon recommends the items to manage as part of your baseline types, you configure the list of assets to include in your baselines. You should conduct your own risk assessment and define the risk level of your assets as needed.