Wednesday, April 30, 2025

Where to Spend your Next Security Dollar


Strong Authentication

At least two kinds of evidence, at least one of which is resistant to replay.  Mandatory for all but the most trivial systems and applications.
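Replay resistance is the property that distinguishes this from a static password. The following added example (not code from the post; it assumes an HMAC challenge-response over a constructed shared secret, a design the post does not name) shows a verifier that issues a single-use nonce and rejects the same captured response a second time:

```python
import hmac
import hashlib
import secrets

# Constructed shared secret for the demo only; in practice one per user or
# device, provisioned out of band and never transmitted.
SHARED_SECRET = b"constructed-demo-secret"


class Verifier:
    """Server side: issues one-time challenges and checks responses.

    A static password is replayable: whoever captures it once can reuse it.
    Binding the evidence to a fresh nonce that is consumed on first use
    makes a captured response worthless afterwards.
    """

    def __init__(self, secret: bytes):
        self._secret = secret
        self._outstanding = set()  # nonces issued but not yet consumed

    def issue_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        # Unknown or already-consumed nonce: reject. This is the replay check.
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)  # consume even if the response is bad
        expected = hmac.new(self._secret, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def prove_possession(secret: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the secret for this nonce only."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def demo() -> dict:
    v = Verifier(SHARED_SECRET)
    nonce = v.issue_challenge()
    resp = prove_possession(SHARED_SECRET, nonce)
    first = v.verify(nonce, resp)    # legitimate use: accepted
    replay = v.verify(nonce, resp)   # same captured pair again: rejected
    nonce2 = v.issue_challenge()
    stale = v.verify(nonce2, resp)   # old response, new challenge: rejected
    return {"first": first, "replay": replay, "stale": stale}
```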


Privileged Access Management

Limited number of uniquely identified, authenticated, accountable, and supervised privileged users (no sharing of IDs or passwords).  Mandatory for all large enterprises, recommended wherever there must be more than one privileged user.


Document Management System

A system, process, or database to capture, track, and store electronic documents such as PDFs, word processing objects, and digital images of paper-based content, providing accountability for all content, changes, and access or use.  Mandatory for intellectual assets (IP), personally identifiable information (PII), client, customer, and employee relations, or financial records; recommended for all confidential or sensitive information.


Structured Network

Layering of your network so that user-to-application, application-to-application, server-to-server, and server-to-file-and-storage-system communications are isolated from one another, and any layer-to-layer communication requires additional authentication and privileges or capabilities.  This can be implemented using wiring and "firewalls," or cryptography (e.g., VPNs, Software Defined Networks (SDNs)).  Recommended for all large enterprises.
