Integrated anti-malware, firewall and backup

4.01🔴

Is your solution for all mandatory sub-categories (Virus/ Malware Protection, Firewall, Backup) in this package part of an integrated suite from a single product vendor, to provide seamless delivery to the customer?

Mandatory

4.02

Has your integrated solution undergone cybersecurity product certification? Please list all relevant cybersecurity certification applicable. (e.g. Common Criteria (CC) or similar)

Preferred

4.03🔴

Secure/Protect - Virus/ Malware Protection Does your solution support the detection of attacks in endpoints on the organisation's environment?

Mandatory

4.0🔴

Does your solution enable/support virus and malware scans to detect possible cyberattacks, where scans can be configured to be automated and remain active to provide constant protection.

Mandatory

4.05🔴

Does your solution enable auto-updates or support configuration to updates , e.g. minimally daily, of signature files or equivalent (e.g., non-signature based machine learning solutions) to detect new malware?

Mandatory

4.06🔴

Does your solution support the ability to automatically scan the files upon access? This includes files and attachments downloaded from the Internet through the web browser or email and external sources such as from portable USB drives.

Mandatory

4.07🔴

Secure/Protect - Firewall Does your firewall solution support the protection of network, systems, and endpoints such as laptops, desktops, servers, and virtual environments, providing protection with configuration to analyse and accept only authorised network traffic into the organisation’s network? Please indicate if the firewall solution is a: -Host-based firewall, or -Network perimeter firewall.

Mandatory

4.08🔴

Backup Does your solution enable/support the organisation in backing up essential business information from organisation's systems and keeping them separate and isolated from the operating environment? Examples of essential business information include financial data and business transactions.

Mandatory

4.09🔴

Does your solution enable the organisation to configure the frequency of backups for alignment to its business requirements?

Mandatory

4.10🔴

Does your solution support the protection of backups from unauthorised access and restrict access to authorised personnel only?

Mandatory

4.11

Asset - Hardware/Software - IT Asset Management Does your solution enable/support the organisation to manage and maintain an up-to-date asset inventory of all the hardware and software assets? a. Hardware assets - This shall include assets such as mobile devices, Internet of Thing (IoT) devices, or other devices. b. Software assets – This shall include assets such as cloud-based subscriptions and services, as well as software and/or operating systems deployed on cloud instances

Preferred

4.12

Does your solution enable/support the organisation to identify and take action to replace hardware and software assets that are unauthorised or have reached their respective End-of-Support (EOS)?

Preferred

4.13

Does your solution enable/support the organisation's authorisation process to onboard new hardware and software into the organisation?

Preferred

4.14

Does your solution enable/support the entry of the date of authorisation of software and hardware into the asset inventory list after the relevant dispensation has been obtained?

Preferred

4.15

Does your solution enable/support the organisation to identify and remove software and hardware without approval dates?

Preferred

4.16

Asset - Data - Data Asset Management Does your solution enable/support the organisation to identify, manage and maintain an up-to-date inventory of all business-critical data, minimally capturing the following fields: - Description - Data classification and/or sensitivity - Location - Retention period?

Preferred

4.17

Asset - Data - Data Loss Prevention Does your solution provide protection from employees leaking confidential and/or sensitive data outside of the organisation?

Preferred

4.18🔴

[For solution vendor] Does your company provide the following professional services: - Installation and configuration - Documentation of key deployment information of the solution and briefing for solution handover to customer

Mandatory