W. Va. Code R. § 179-10-17 - Security Requirements
17.1.
Networks should be logically separated so that there should be no network
traffic on a network link that cannot be serviced by hosts on that link.
17.2. Networks must meet all of
the following requirements to assure security:
17.2.1. The failure of any single item should
not result in denial of service;
17.2.2. An intrusion detection
system/intrusion system must be installed on the network and monitored.
17.2.3. Each server instance in
cloud and virtualized environments should perform only one function.
17.2.4. In virtualized environments,
redundant server instances cannot run under the same hypervisor.
17.2.5. Stateless protocols should not be
used for sensitive data without stateful transport.
17.2.6. All changes to the network
infrastructure must be logged and configuration documentation updated.
Notes
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
No prior version found.