Control Category: Access Control
-
Limit access
Read more: Limit accessInformation is accessible only for authorized purposes and shared only with those authorized to receive it.
-
Review user access
Read more: Review user accessReview which user accounts have access to information at this level regularly – at least annually.
-
Revoke permissions
Read more: Revoke permissionsRevoke permissions when a user no longer needs access to information (e.g., upon project completion or job change).
-
Host based firewall
Read more: Host based firewallEnable your operating system’s firewall.
-
Least Privilege
Read more: Least PrivilegeUse separate accounts for user and administrative permissions.
-
Screen lock
Read more: Screen lockEnable a screen lock that requires a password to unlock after 15 minutes of inactivity.