💼 IA-2(6) Identification and Authentication (organizational Users) | Access to Accounts —separate Device

ID: /frameworks/nist-sp-800-53-r5/ia/02/06

Description

Implement multi-factor authentication for [Selection (one or more): local; network; remote] access to [Selection (one or more): privileged accounts; non-privileged accounts] such that: (a) One of the factors is provided by a device separate from the system gaining access; and (b) The device meets [Assignment: organization-defined strength of mechanism requirements].

Similar

Sections
- /frameworks/aws-fsbp-v1.0.0/iam/05
- /frameworks/aws-fsbp-v1.0.0/iam/06
Internal
- ID: dec-c-3e8bd6ae

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.5] MFA should be enabled for all IAM users that have a console password			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.6] Hardware MFA should be enabled for the root user			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 IA-2(6) Access to Accounts —separate Device (M)(H)			3		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (3)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account Root User Hardware MFA is not enabled.🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ AWS Account Root User MFA is not enabled.🟢	1	🟢 x6	no data
🛡️ AWS IAM User MFA is not enabled for all users with console password🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (3)​