Benchmark: 3.5 Identification and Authentication
Description
This family of requirements ensures only authenticated users can access the organization's network or systems. The 11 requirements cover password and authentication procedures and policy, alongside the reliable identification of users. Requirements ensure the distinction between privileged and non-privileged accounts is reflected in network access.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 3.5 Identification and Authentication.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_5Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_5 --shareBenchmarks
- 3.5.1 Identify system users, processes acting on behalf of users, and devices
- 3.5.2 Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems.
- 3.5.5 Prevent reuse of identifiers for a defined period
- 3.5.6 Disable identifiers after a defined period of inactivity
- 3.5.7 Enforce a minimum password complexity and change of characters when new passwords are created
- 3.5.8 Prohibit password reuse for a specified number of generations
- 3.5.10 Store and transmit only cryptographically-protected passwords