Benchmark: CC6 Logical and Physical Access
Description
The criteria relevant to how an entity (i) restricts logical and physical access, (ii) provides and removes that access, and (iii) prevents unauthorized access.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select CC6 Logical and Physical Access.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.soc_2_2017_cc_6Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.soc_2_2017_cc_6 --shareBenchmarks
- CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives
- CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes, giving consideration to the concepts of least privilege and segregation of duties, to meet the entity’s objectives
- CC6.6 The entity implements logical access security measures to protect against threats from sources outside its system boundaries.
- CC6.7 The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives