Wednesday, October 8, 2014

3.4 - Access Control Practices

In this section, we will discuss additional measures to ensure that no unnecessary access is left open, so that the environment continues at the same level of security that has been established.

What this means is that good access control practices need to be implemented and maintained from the beginning. Lack of periodic updates usually causes the most vulnerabilities in an environment.

These updates include:
• Deny access to systems to undefined users or anonymous accounts.
• Limit and monitor the usage of administrator and other powerful accounts.
• Suspend or delay access capability after a specific number of unsuccessful logon attempts.
• Remove obsolete user accounts as soon as the user leaves the company.
• Suspend inactive accounts after 30 to 60 days.
• Enforce strict access criteria.
• Enforce the need-to-know and least-privilege practices.
• Disable unneeded system features, services, and ports.
• Replace default password settings on accounts.
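
Several of the practices above can be checked automatically during a periodic account review. The following is an added example, not part of the original post: the `Account` record, its field names, the failed-logon threshold of 5 and the sample inventory are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed policy values: the page says 30 to 60 days; the lockout count is an assumption.
INACTIVE_DAYS = 60
MAX_FAILED_LOGONS = 5

@dataclass
class Account:  # hypothetical inventory record
    name: str
    last_logon: Optional[date]
    failed_logons: int = 0
    employed: bool = True
    anonymous: bool = False
    default_password: bool = False
    enabled: bool = True

def audit(accounts, today):
    """Return {name: [findings]}; disabled accounts are skipped, never-used ones count as inactive."""
    report = {}
    for a in accounts:
        if not a.enabled:
            continue
        findings = []
        if a.anonymous:
            findings.append("deny: anonymous or undefined account")
        if not a.employed:
            findings.append("remove: user has left the company")
        if a.default_password:
            findings.append("replace: default password still set")
        if a.failed_logons >= MAX_FAILED_LOGONS:
            findings.append("suspend: too many unsuccessful logons")
        if a.last_logon is None or today - a.last_logon > timedelta(days=INACTIVE_DAYS):
            findings.append("suspend: inactive beyond threshold")
        if findings:
            report[a.name] = findings
    return report

# Constructed sample inventory, not real data.
TODAY = date(2014, 10, 8)
SAMPLE = [
    Account("alice", date(2014, 10, 1)),
    Account("bob", date(2014, 7, 1)),
    Account("carol", date(2014, 10, 7), employed=False),
    Account("guest", None, anonymous=True),
    Account("svc_backup", date(2014, 10, 6), default_password=True, failed_logons=7),
    Account("old_admin", date(2013, 1, 1), enabled=False),
]
```

Calling `audit(SAMPLE, TODAY)` returns one entry per account that needs action, with the matching practice named in each finding.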
