Skip to main content

💼 A.14.1.3 Protecting application services transactions

Contextual name: 💼 A.14.1.3 Protecting application services transactions
ID: /frameworks/iso-iec-27001-2013/14/01/03
Located in: 💼 A.14.1 Security requirements of information systems

Description

Information involved in application service transactions shall be protected to prevent incomplete transmission, mis-routing, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay.

Similar

Internal
- ID: dec-c-67f28c75

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation)		10	22
💼 NIST CSF v1.1 → 💼 PR.DS-2: Data-in-transit is protected		16	31
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented		47	66
💼 NIST CSF v1.1 → 💼 PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity		22	26
💼 NIST CSF v1.1 → 💼 PR.PT-4: Communications and control networks are protected		10	22

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (14)

Policy	Logic Count	Flags
📝 AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic 🟢	1	🟢 x6
📝 AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins 🟢	1	🟢 x6
📝 AWS DMS Endpoint doesn't use SSL 🟢	1	🟢 x6
📝 AWS S3 Bucket Policy is not set to deny HTTP requests 🟢	1	🟢 x6
📝 Azure App Service FTP deployments are not disabled 🟢	1	🟢 x6
📝 Azure App Service HTTPS Only configuration is not enabled 🟢	1	🟢 x6
📝 Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled 🟢	1	🟢 x6
📝 Azure Storage Account Secure Transfer Required is not enabled 🟢	1	🟢 x6
📝 Google BigQuery Dataset is anonymously or publicly accessible 🟢	1	🟢 x6
📝 Google HTTPS or SSL Proxy Load Balancer permits SSL policies with weak cipher suites 🟢		🟢 x3
📝 Google Storage Bucket is anonymously or publicly accessible 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6ed26167	1
✉️ dec-x-14f5fc25	1
✉️ dec-x-75db76ad	1
✉️ dec-x-791dab13	1
✉️ dec-x-3181f359	1
✉️ dec-x-995424b7	2
✉️ dec-x-a4e03389	1
✉️ dec-x-c0a7793e	1
✉️ dec-x-d5fbfc40	1
✉️ dec-x-d95ea48b	1

Description
Similar
Similar Sections (Give Policies To)
Sub Sections
Policies (14)
Internal Rules