πΌ IA-2 Identification and Authentication (Organizational Users) (L)(M)(H)
- Contextual name: πΌ IA-2 Identification and Authentication (Organizational Users) (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/ia/02 - Located in: πΌ Identification and Authentication
Descriptionβ
Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.
IA-2 Additional FedRAMP Requirements and Guidance:
Guidance: "Phishing-resistant" authentication refers to authentication processes designed to detect and prevent disclosure of authentication secrets and outputs to a website or application masquerading as a legitimate system.
Requirement: For all control enhancements that specify multifactor authentication, the implementation must adhere to the Digital Identity Guidelines specified in NIST Special Publication 800-63B.
Requirement: Multi-factor authentication must be phishing-resistant.
Requirement: All uses of encrypted virtual private networks must meet all applicable Federal requirements and architecture, dataflow, and security and privacy controls must be documented, assessed, and authorized to operate.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/ia/02
- Internal
- ID:
dec-c-eb896af4
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ IA-2 Identification and Authentication (Organizational Users) (L)(M)(H) | 6 | 1 | 3 |
Sub Sectionsβ
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Consumer Google Accounts are used π’ | π’ x3 |