User's Manual

ManualsBrandsQUOTIENT SUISSE ManualsElectronicsIn-vitro diagnostic analyzer system

151

152

153

154

155

156

157

158

159

160

CYBERSECURITY / PASSWORD

159

MosaiQ 125 - User Manual - November 2020 - Reference n°: MMSURM.0010.02

14.4 PASSWORD

 Only allow legitimate and trained employees to access to the MosaiQ125 system

with a password.

 Implement an account management process.

 Limit the number of privileged accounts to those who have a legitimate activity

requirement.

 Establish a process for revoking system access by disabling accounts immediately

upon termination of an employee or contractor. Disabling instead of deleting

accounts allows preservation of audit trails should an investigation be necessary.

 Require that all employee accounts have strong passwords, which contain letters,

numbers, and special characters. Ensure that they are changed every 90 days, and

that the previous 15 passwords are not allowed to be used as a new password.

NOTICE

The MosaiQ 125 automatically disconnects the user after a

predetermined (user setting) period of inactivity.

14.5 EXTERNAL MEDIA AND DEVICES

WARNING

Laboratory users must not connect any device (e.g. USB stick) to

the MosaiQ computer as there is a risk of malware infection.

Never use the MosaiQ 125 and connections for a purpose other

than the intended purpose of Quotient.

The use of the system for other purposes can make the system

vulnerable to software viruses.

 The utilization of the USB port is strictly reserved to the Quotient Suisse SA

authorized service personnel only.

INFO

Users cannot access to any data of the MosaiQ 125 computer using

the USB port.

14.7 INCIDENT RESPONSE

When a cybersecurity incident occurs, it is time to take action and mitigate – as quickly as

possible – any threat to the conﬁdentiality, integrity, and availability of an organization’s

information assets.

Cyber incident management helps mitigate the risks associated with internal and

external threats, as well as helping an organization maintain regulatory compliance

where required. An organization must be prepared to handle incidents that may originate

from a variety of sources. Sources for cybersecurity incidents include:

Insiders who act with malicious intent, trusted insiders whose acts cause damage by

mistake, and attacks from cyber criminals.

The following are some of the objectives of cybersecurity incident management:

 Prevent cybersecurity incidents before they occur.

 Minimize the impact of cybersecurity incidents to the conﬁdentiality, availability,

or integrity.

 Mitigate threats and vulnerabilities as cybersecurity incidents are occurring.

 Improve cybersecurity incident coordination and management.