12.12: Manage All Devices Remotely Logging Into Internal Network
Scan all enterprise devices remotely logging into the organization’s network prior to accessing the network to ensure that each of the organization’s security policies has been enforced in the same manner as local network devices.
Asset Type | Security Function | Implementation Groups |
---|---|---|
Devices | Protect | 3 |
Dependencies
Sub-control 16.1: Maintain an Inventory of Authentication Systems
Inputs
1. List of the organization’s authentication systems that allow remote logins (subset of Inventory of Authentication Systems). For each, provide the configuration location(s) for the mechanisms used to ensure remote device security policy enforcement.
2. Approved configuration(s) for each type of remote device security policy enforcement mechanism provided in Input 1.
Operations
- For each authentication system in Input 1, check each of the enforcement mechanisms provided for that authentication system against the appropriate approved configuration(s) provided in Input 2.
  - Create a list of those authentication systems for which all of the associated enforcement mechanisms comply with the approved configuration(s), noting which configurations were checked (M1).
  - Create a list of those authentication systems for which at least one of the associated enforcement mechanisms does not comply with the appropriate configurations, noting the configurations checked and any deviations (M2).
Measures
M1 = List of authentication systems that have properly configured mechanisms in place to ensure that organizational security policies are enforced in remote devices (compliant list)
M2 = List of authentication systems that do not have properly configured mechanisms in place to ensure that organizational security policies are enforced in remote devices (non-compliant list)
M3 = Count of authentication systems with properly configured mechanisms in place (count of M1)
M4 = The total number of authentication systems that allow remote connections (count of Input 1)
Metrics
Coverage
Metric | The ratio of authentication systems with properly configured mechanisms to ensure that organizational security policies are enforced in remote devices to the total number of authentication systems |
---|---|
Calculation | |
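A sketch of the Operations and Measures above, added here as an illustration and not part of the CIS specification: it checks each authentication system's enforcement mechanisms against the approved configurations, builds M1 through M4, and computes coverage as M3 over M4 following the Metric description. The system names, mechanism types and settings are constructed sample data; exact matching on baseline keys and treating a system with no enforcement mechanism as non-compliant are assumptions.

```python
# Input 2 (constructed sample): approved configuration per mechanism type.
APPROVED = {
    "vpn_posture_check": {"enabled": True, "require_disk_encryption": True},
    "nac_agent": {"enabled": True, "require_edr": True},
}

# Input 1 (constructed sample): authentication systems that allow remote
# logins, each with the observed config of its enforcement mechanisms.
AUTH_SYSTEMS = {
    "vpn-gw-01": {
        "vpn_posture_check": {"enabled": True, "require_disk_encryption": True},
        "nac_agent": {"enabled": True, "require_edr": True},
    },
    "vdi-broker": {
        "vpn_posture_check": {"enabled": True, "require_disk_encryption": False},
    },
    "legacy-ras": {},  # allows remote logins but has no enforcement mechanism
}

def deviations(mech_type, observed, approved):
    """Return deviation strings for one mechanism (empty list = compliant)."""
    baseline = approved.get(mech_type)
    if baseline is None:
        return [f"{mech_type}: no approved configuration in Input 2"]
    # Assumption: every baseline key must match exactly; extra keys are ignored.
    return [f"{mech_type}.{key}: expected {want!r}, found {observed.get(key, '<missing>')!r}"
            for key, want in baseline.items()
            if observed.get(key, "<missing>") != want]

def assess(auth_systems, approved):
    """Build M1 (compliant), M2 (non-compliant), M3, M4 and coverage."""
    m1, m2 = {}, {}
    for name, mechs in auth_systems.items():
        found = [d for t, cfg in mechs.items() for d in deviations(t, cfg, approved)]
        if not mechs:  # Assumption: nothing to enforce policy means non-compliant.
            found = ["no enforcement mechanism provided"]
        if found:
            m2[name] = {"checked": sorted(mechs), "deviations": found}
        else:
            m1[name] = {"checked": sorted(mechs)}
    m3, m4 = len(m1), len(auth_systems)
    return {"M1": m1, "M2": m2, "M3": m3, "M4": m4,
            "coverage": m3 / m4 if m4 else None}  # undefined when Input 1 is empty

if __name__ == "__main__":
    for key, value in assess(AUTH_SYSTEMS, APPROVED).items():
        print(key, "=", value)
```

Each M1 and M2 entry records which mechanism configurations were checked, and M2 entries also carry the deviations, as the Operations require.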