>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAM-33Remote Maintenance: Authentication Sessions

>Control Description

Vendor accounts used for remote access are enabled only during the time period needed, disabled when not in use, and monitored while in use.

Theme

Technology

Type

Preventive

Policy/Standard

Remote Access Procedure

>Implementation Guidance

1. Ensure that vendor accounts that are used for remote access, have the following configurations: -Enabled only for the time period needed -Disabled when not in use -Monitored when in use

>Testing Procedure

1. Validate that vendor accounts that are used for remote access, have the following configurations: -Enabled only for the time period needed -Disabled when not in use -Monitored when in use

>Audit Artifacts

E-IAM-47

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

CIS Controls
1

13.5

PCI DSS
1

8.2.7

Ask AI

Configure your API key to use AI features.