Tamper evident seals and associated auditing processes identify attempts to bypass the physical security of systems and their infrastructure.

]]> This section covers information on tamper evident seals that can be applied to assets.

]]> Recording information about seals in a register and on which asset they are used assists in reducing the security risk that seals could be substituted without security personnel being aware of the change.

]]> Agencies MUST record the usage of seals in a register that is appropriately secured.

]]> Agencies MUST record in a register, information on:

  • issue and usage details of seals and associated tools;
  • serial numbers of all seals purchased; and
  • the location or asset on which each seal is used.
]]> Agencies SHOULD record the usage of seals in a register that is appropriately secured.

]]> Agencies SHOULD record in a register information on:

  • issue and usage details of seals and associated tools;
  • serial numbers of all seals purchased; and
  • the location or asset on which each seal is used.
]]> Using uniquely numbered seals ensures that a seal can be uniquely mapped to an asset. This assists security personnel in reducing the security risk that seals could be replaced without anyone being aware of the change.

]]> Agencies SHOULD consult with the seal manufacturer to ensure that, if available, any purchased seals and sealing tools display a unique identifier or image appropriate to the agency.

]]> Seals and any seal application tools SHOULD be secured when not in use.

]]> Agencies SHOULD NOT allow contractors to independently purchase seals and associated tools on behalf of the government.

]]> Users of assets with seals should be encouraged to randomly check the integrity of the seals and to report any concerns to security personnel. In addition, conducting at least annual reviews will allow for detection of any tampering to an asset and ensure that the correct seal is located on the correct asset.

]]> Agencies SHOULD review seals for differences with a register at least annually. At the same time seals SHOULD be examined for any evidence of tampering.

]]>