Compute Resources
5.2 Compute Resources
-
Access Controls:
-
a. Apply Role-Based Access Control (RBAC) on cloud and on-premises systems.
-
b. Set default access permissions to the principle of least privilege.
-
-
c. Offer implementation of Conditional Access Policies as a consulting service based on client requirements.
Technical Controls:
| Control ID | Description | Tools/Methods |
|---|---|---|
| a | Apply Role-Based Access Control (RBAC) on systems. | Access management platforms; Directory services (e.g., Active Directory) |
| b | Set default access permissions to least privilege. | Access control lists (ACLs); Regular access reviews |
| c | Implement Conditional Access Policies as per client requirements. | Conditional access solutions (e.g., Azure Conditional Access); Policy development frameworks |
Standard Operating Procedures
installadmin) after 7 days.
DTC'S RMM, Microsoft Windows PowerShell, Internet Access
e
Rotate dtcadmin user password at system boot, user login, and weekly.
DTC'S RMM, Microsoft Windows PowerShell, Internet Access
f
Rotate built-in Administrator password at system boot, user login, weekly.
DTC'S RMM, Microsoft Windows PowerShell, Internet Access
g
Implement Multi-Factor Authentication (MFA) on critical systems.
Microsoft Entra ID, Google Workspace, Cloudflare ZTNA Email
h
Adhere to default password policies of identity providers.
Configuration of identity provider settings; Regular policy reviews
i
Develop customized password policies with clients.
Consultation sessions; Policy development frameworks
j.
Review and analyze audit and event logs in order to respond to security incidents.
SaaS Alerts, Blumira Free Edition