💼 IA-2(1) Multi-factor Authentication to Privileged Accounts (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/ia/02/01
Description
Implement multi-factor authentication for access to privileged accounts.
IA-2 (1) Additional FedRAMP Requirements and Guidance:
Guidance: Multi-factor authentication to subsequent components in the same user domain is not required.
Requirement: According to SP 800-63-3, SP 800-63A (IAL), SP 800-63B (AAL), and SP 800-63C (FAL).
Requirement: Multi-factor authentication must be phishing-resistant.
Similar
- Sections
/frameworks/fedramp-high-security-controls/ia/02/01
- Internal
- ID:
dec-c-b969b124
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 IA-2(1) Multi-factor Authentication to Privileged Accounts (L)(M)(H) | 3 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Account Root User Hardware MFA is not enabled.🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ AWS Account Root User MFA is not enabled.🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User MFA is not enabled for all users with console password🟢 | 1 | 🟢 x6 | no data |