>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IA-2(10)Identification And Authentication (Organizational Users)

PBMM (P3)
Secret (P3)
Technical

>Control Description

IDENTIFICATION AND AUTHENTICATION | SINGLE SIGN-ON The information system provides a single sign-on capability for organization-defined list of information system accounts and services.

>Supplemental Guidance

Single sign-on enables users to log in once and gain access to multiple information system resources. Organizations consider the operational efficiencies provided by single sign-on capabilities with the increased risk from disclosures of single authenticators providing access to multiple system resources.

>Tailoring Guidance

This security control/enhancement can be met using readily available Commercial-Off-The-Shelf (COTS) components. Consequently, inclusion in a departmental profile is encouraged. The increased risk from a single authenticator to multiple systems can be offset by selecting IA-2(7), i.e. multifactor with separate device.

Ask AI

Configure your API key to use AI features.