CSSF COVID-19 FAQ

On 17 March 2020, the CSSF issued an FAQ clarifying the recommended minimum IT security requirements for remote access implemented to meet the demands of the exceptional situation created by Covid-19 and issuing minimum recommendations with respect to:

high-privileged access: identification of user profiles with the highest risk levels (IT administrators, employees in charge of transactions/payments, etc.) and the implementation of proper security measures (strong authentication, access from a secure laptop, logging and review of sensitive actions); secure communication: encryption of communication channels (e.g. use of VPN with AES-256, RSA-2048 encryption); connection monitoring: controls to ensure, at least, that remote connections are consistent with recourse to teleworking (i.e. access during office hours, geofencing); the duration of remote access: remote access introduced due to the exceptional Covid-19 situation should be temporary and disabled once the exceptional circumstances have passed. The CSSF is further "urging financial...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT