Benchmark: 3.1 Access Control
Description
This family of requirements deals with access to networks, systems, and information. The 22 different requirements help to ensure only authorized users access the system. Requirements also safeguard the flow of sensitive information within the network and provide guidance on network devices in the system.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 3.1 Access Control.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_1
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_1 --share
Benchmarks
- 3.1.1 Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems)
- 3.1.2 Limit system access to the types of transactions and functions that authorized users are permitted to execute
- 3.1.3 Control the flow of CUI in accordance with approved authorizations
- 3.1.4 Separate the duties of individuals to reduce the risk of malevolent activity without collusion
- 3.1.5 Employ the principle of least privilege, including for specific security functions and privileged accounts
- 3.1.12 Monitor and control remote access sessions
- 3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions
- 3.1.14 Route remote access via managed access control points