k) Develop built-in redundancies for single points of failure which can bring down the entire network.
l) Develop and maintain a recovery strategy and business continuity plan based on total information technology, operational and business needs.
m) Maintain a rapid recovery capability.
n) Conduct penetration testing at least annually on the network.
o) All requests by Business Units for data lines must go through IT and be logged.
p) All applications on the network must be prioritized so that users gain maximum availability to core applications.
q) The designers and implementers of the application are to take into consideration the bandwidth limitations of the wide area network.
r) All network devices must support a unified access control list (ACL), and Network provider staff are the only ones permitted access.
s) For all of the Group’s switches that are outsourced to the IT Outsourcing partner, the IT Outsourcing partner must maintain a standardized platform for these switches.
t) All Internet connections from the Group premises have to pass through a controlled proxy server.
u) IT must approve all connections from the Group network to external networks. Connections are only permitted to external networks that have been reviewed and verified as having appropriate security controls and procedures.
v) The network topology must comply with Group IT Policy and be approved by the Head of IT.
w) Firewalls and IDS used to protect and monitor Group networks must run on separate dedicated computers that do not serve other purposes, such as web servers.
x) The internal system addresses (such as the IP address), configurations, and related system design information for the Group network systems must be restricted from both system users and users outside the Group network.
y) The network security must be robust enough to withstand an Advanced Persistent Threat (APT) attack.