Corporate Security Standard

This document, issued on July 12, 1993, outlines the general security requirements for all operating systems used by Digital Equipment Corporation. It supersedes previous standards and introduces new requirements. The standard is applicable to all operating systems as specified in Digital Corporate Security Policy No. 11.0 and takes precedence in case of conflicts with other security standards. The document details responsibilities, requirements for accounts and authentication, directory and file protection, logging and auditing, general computer security controls, network security, and application security. It also includes appendices on reporting security incidents, external access review processes, and referenced documents, along with a glossary and index. The standard aims to prevent unauthorized disclosure, modification, or destruction of Digital's information, ensuring its integrity, reliability, and availability.