Skip to main content

💼 A.9.4.1 Information access restriction

  • ID: /frameworks/iso-iec-27001-2013/09/04/01

Description

Access to information and application system functions shall be restricted in accordance with the access control policy.

Similar

  • Internal
    • ID: dec-c-cd9e50e8

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties1756no data
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented4791no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (20)

PolicyLogic CountFlagsCompliance
🛡️ AWS DMS Replication Instance is publicly accessible🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted CIFS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MongoDB🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MSSQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MySQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to PostgreSQL🟢1🟢 x6no data
🛡️ AWS IAM Policy allows full administrative privileges🟢1🟢 x6no data
🛡️ AWS RDS Instance is publicly accessible and in an unrestricted public subnet🟢1🟢 x6no data
🛡️ AWS RDS Snapshot is publicly accessible🟢1🟢 x6no data
🛡️ AWS S3 Bucket is not configured to block public access🟢1🟢 x6no data
🛡️ Azure Cosmos DB Account Private Endpoints are not used🟢1🟢 x6no data
🛡️ Azure Cosmos DB Account Virtual Network Filter is not enabled🟢1🟢 x6no data
🛡️ Azure Cosmos DB Entra ID Client Authentication is not used🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Network Security Group allows public access to HTTP(S) ports🟢1🟢 x6no data
🛡️ Azure Network Security Group allows public access to RDP port🟢1🟢 x6no data
🛡️ Azure Network Security Group allows public access to SSH port🟢1🟢 x6no data
🛡️ Azure PostgreSQL Flexible Server Firewall Rules allow access to Azure services🟢1🟢 x6no data
🛡️ Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP)🟢1🟢 x6no data
🛡️ Azure Storage Account Allow Blob Anonymous Access is enabled🟢1🟢 x6no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-3e379c671
✉️ dec-x-4c15a09f1
✉️ dec-x-14bf01f31
✉️ dec-x-46a83a301
✉️ dec-x-157aa4b91
✉️ dec-x-0289e9c91
✉️ dec-x-599c86b41
✉️ dec-x-083928f51
✉️ dec-x-637372481
✉️ dec-x-b4d3d9dc2
✉️ dec-x-b33429051
✉️ dec-x-bf1f13f61
✉️ dec-x-ca1c0c0d1
✉️ dec-x-e02b5fdd1
✉️ dec-x-ec547a7c1
✉️ dec-x-f4cc003a1
✉️ dec-x-f12d78aa1
✉️ dec-x-f937c35f1
✉️ dec-z-c82c9f971