💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)

Description

The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Similar

  • Internal
    • ID: dec-c-6ecbf78d

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes1930
💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions413
💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks)1923

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 IA-2 (1) NETWORK ACCESS TO PRIVILEGED ACCOUNTS
💼 IA-2 (2) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS
💼 IA-2 (3) LOCAL ACCESS TO PRIVILEGED ACCOUNTS
💼 IA-2 (4) LOCAL ACCESS TO NON-PRIVILEGED ACCOUNTS
💼 IA-2 (5) GROUP AUTHENTICATION
💼 IA-2 (6) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - SEPARATE DEVICE
💼 IA-2 (7) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - SEPARATE DEVICE
💼 IA-2 (8) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - REPLAY RESISTANT
💼 IA-2 (9) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - REPLAY RESISTANT
💼 IA-2 (10) SINGLE SIGN-ON
💼 IA-2 (11) REMOTE ACCESS - SEPARATE DEVICE
💼 IA-2 (12) ACCEPTANCE OF PIV CREDENTIALS
💼 IA-2 (13) OUT-OF-BAND AUTHENTICATION

Policies (2)

Policy | Logic Count | Flags
📝 AWS S3 Bucket MFA Delete is not enabled 🟠🟢1🟠 x1, 🟢 x6
📝 Google Accounts are not configured with MFA 🟢🟢 x3

Internal Rules

Rule | Policies | Flags
✉️ dec-z-bb7312921