Data processing equipment security. Establishes the security requirements that all peripheral data processing equipment or related equipment must meet.

Applies to:
o Electronic data processing machines, portable (laptop, notebook, palmtop), microcomputers, personal systems, personal computers, personal computers, network terminals (Pc-net), servers or equivalent and that also meet the following two characteristics:

• That they are uniprocessors

• That they use BUS-AT (ISA), or EISA, or MCA, or NUBUS, or BIOS, or PCI, or PCMI, or PMCIA technology, in all their current, future or derived versions of these, as their main operating BUS

o Peripherals associated with the machines indicated in section a) of this subsection, such as printers, graphers, external disk drives, external tape drives, digitizing tablets, image digitizers, optical readers, monitors and terminals.

o Equipment used for electronic communication between data processing equipment and peripheral equipment, local area networks (LAN), such as concentrators, protocol converters or routers, etc., designed to handle a single technology whose data BUS is not greater than 100 MBs, or that have any of the following characteristics:

• They are not modular;

• They cannot be programmed easily.