Summer Regulatory Summit eBook

First page Table of contents Previous page 203 Next page Last page

2. Additional Security for Admins

o Does the Organization require additional security controls around administrative accounts? (stronger passwords, additional monitoring, etc.) o Do these additional security controls include multi-factor authentication (MFA) for all admin access to directory services, backup environments, network infrastructure, endpoints/servers?

CONTROL

o CIS MS-ISAC Security Primer – Securing Login Credentials o FFIEC Guidance Authentication and Access to Financial Organization Services and Systems (August 2021) o Cyber Insurance Provider Requirements

GUIDANCE

© SBS CyberSecurity, LLC www.sbscyber.com

7

Made with FlippingBook Digital Publishing Software