Security Hygiene

While a comprehensive risk analysis and focus on the most critical issues is vital, there is a minimum level of security that should be basic hygiene non-negotiable - one shouldn't analyse which bacteria are exactly mitigated by washing ones hands after going to the toilet, but just do it. This includes using state of the art cryptography, writing robust code, leaving enough resources for security updates, and manage cryptographic keys properly.

A good example for strong requirements allow for good hygiene as well as providing test guidelines for compliance have been provided by Oesterreich Energie for the Austrian Smart Meter rollout.

Deutsche Version

English Version