💼 A.14.1.2 Securing application services on public networks

• Contextual name: 💼 A.14.1.2 Securing application services on public networks
• ID: /frameworks/iso-iec-27001-2013/14/01/02
• Located in: 💼 A.14.1 Security requirements of information systems

Description

Information involved in application services passing over public networks shall be protected from fraudulent activity, contract dispute and unauthorized disclosure and modification.

Similar

• Internal
  • ID: dec-c-10b04e38

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation)		10	22
💼 NIST CSF v1.1 → 💼 PR.DS-2: Data-in-transit is protected		16	31
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented		47	66
💼 NIST CSF v1.1 → 💼 PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity		22	26

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (5)

Policy	Logic Count	Flags
📝 AWS DMS Endpoint doesn't use SSL 🟢	1	🟢 x6
📝 AWS S3 Bucket Policy is not set to deny HTTP requests 🟢	1	🟢 x6
📝 Azure App Service FTP deployments are not disabled 🟢	1	🟢 x6
📝 Azure App Service HTTPS Only configuration is not enabled 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6ed26167	1
✉️ dec-x-75db76ad	1
✉️ dec-x-a4e03389	1
✉️ dec-x-c0a7793e	1
✉️ dec-x-d5fbfc40	1