ST1098EUEU

ST1098

[7. Physical and information security] Establish basic safeguarding measures and procedures for secured storage of and access to controlled dual-use software or technology in electronic form, including antivirus checks, file encryption, audit trails and logs, user access control and firewall. If…

Assess my company

Plain-language summary

What it actually means.

to be determined

Plain-language summary forthcoming. Source text below.

Source text

As written.

[7. Physical and information security] Establish basic safeguarding measures and procedures for secured storage of and access to controlled dual-use software or technology in electronic form, including antivirus checks, file encryption, audit trails and logs, user access control and firewall. If applicable to your company, consider protective measures for uploading software or technology to the ‘Cloud’, storing it in the ‘Cloud’ or transmitting it via the ‘Cloud’.

Assessed by HEXDI

What HEXDI assesses.

  • M5

    3 — PHYSICAL SECURITY AND ACCESS CONTROL

    Program prohibits accessing controlled software and technical information on an unsecured computer network.

  • M5

    2 — PHYSICAL SECURITY AND ACCESS CONTROL

    Program prohibits storage of controlled software and technical information on an unsecured computer network.

  • M5

    4 — PHYSICAL SECURITY AND ACCESS CONTROL

    Program prohibits the transfer of access information that could result in the release of controlled software or technology without a…

  • M5

    1 — PHYSICAL SECURITY AND ACCESS CONTROL

    [until 03/25/20] Program prohibits storage of ITAR-controlled technical data on any computer network located outside the United States…

  • M5

    2 — PHYSICAL SECURITY AND ACCESS CONTROL

    [until 03/25/20] Program prohibits accessing ITAR-controlled technical data from any computer network located outside the United States…

  • M5

    1 — PHYSICAL SECURITY AND ACCESS CONTROL

    Program prohibits storage of EAR-controlled software and technology on any computer network located outside the United States without a BIS…

Related

Other EU standards.

Source & revisions

First mapped
Jun 8, 2022
Last updated
May 26, 2026 (32m ago)
Source
EU Guidance