>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAM-27Service Account Restrictions

>Control Description

Individual user or administrator use of service accounts for O/S, applications, and databases is prohibited.

Theme

Process

Type

Preventive

Policy/Standard

Access Management Procedure

>Implementation Guidance

1. Ensure that Individual user or administrator use of service accounts for O/S, applications, and databases is prohibited.

>Testing Procedure

1. Review all interactive service accounts used within the environment and confirm that they are disabled or removed. 2. If interactive service accounts are in use these accounts should be stored in a shared credential management tool., and access to these accounts need to be tied back to an individual user.

>Audit Artifacts

E-IAM-38
E-IAM-39

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

PCI DSS
1

8.2.1

Ask AI

Configure your API key to use AI features.