NIST DRAFT SP 800-124 Revision 1, Guide to Enterprise Telework and Remote Access Security

　こんにちは、丸山満彦です。NISTがDRAFT SP 800-124 Revision 1, Guide to Enterprise Telework and Remote Access Securityを公表していますね。。。

　
■NIST
・2012.07.04 DRAFT SP 800-124 Revision 1, Guide to Enterprise Telework and Remote Access Security

＝＝＝＝＝

Executive Summary
1. Introduction
　1.1 Purpose and Scope
　1.2 Audience
　1.3 Document Structure

2. Mobile Device Overview
　2.1 Defining Mobile Device Characteristics
　2.2 High-Level Threats and Vulnerabilities
　　2.2.1 Lack of Physical Security Controls
　　2.2.2 Use of Untrusted Mobile Devices
　　2.2.3 Use of Untrusted Networks
　　2.2.4 Use of Applications Created by Unknown Parties
　　2.2.5 Interaction with Other Systems
　　2.2.6 Use of Untrusted Content
　　2.2.7 Use of Location Services

3. Technologies for Mobile Device Management
　3.1 Components and Architectures
　3.2 Capabilities

4. Security for the Enterprise Mobile Device Solution Life Cycle
　4.1 Initiation
　　4.1.1 Restrictions on Mobile Devices and Access Levels
　　4.1.2 Additional User Requirements
　4.2 Development
　4.3 Implementation
　4.4 Operations and Maintenance
　4.5 Disposal

Appendix A— Supporting NIST SP 800-53 Security Controls and Publications
Appendix B— Acronyms and Abbreviations
Appendix C— Resources
＝＝＝＝＝