πΌ A.14.1.2 Securing application services on public networks
- Contextual name: πΌ A.14.1.2 Securing application services on public networks
- ID:
/frameworks/iso-iec-27001-2013/14/01/02 - Located in: πΌ A.14.1 Security requirements of information systems
Descriptionβ
Information involved in application services passing over public networks shall be protected from fraudulent activity, contract dispute and unauthorized disclosure and modification.
Similarβ
- Internal
- ID:
dec-c-10b04e38
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation) | 7 | 13 | ||
| πΌ NIST CSF v1.1 β πΌ PR.DS-2: Data-in-transit is protected | 14 | 21 | ||
| πΌ NIST CSF v1.1 β πΌ PR.DS-5: Protections against data leaks are implemented | 43 | 51 | ||
| πΌ NIST CSF v1.1 β πΌ PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity | 18 | 19 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS S3 Bucket Policy is not set to deny HTTP requests π’ | 1 | π’ x6 |
| π Azure App Service FTP deployments are not disabled π’ | 1 | π’ x6 |
| π Azure App Service HTTPS Only configuration is not enabled π’ | 1 | π’ x6 |
| π Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-6ed26167 | 1 | |
| βοΈ dec-x-75db76ad | 1 | |
| βοΈ dec-x-c0a7793e | 1 | |
| βοΈ dec-x-d5fbfc40 | 1 |