💼 IA-2 Identification and Authentication (organizational Users)

  • Contextual name: 💼 IA-2 Identification and Authentication (organizational Users)
  • ID: /frameworks/nist-sp-800-53-r5/ia/02
  • Located in: 💼 IA Identification And Authentication

Description

Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/dms/10
    • /frameworks/aws-fsbp-v1.0.0/dms/11
  • Internal
    • ID: dec-c-bd9069ea

Similar Sections (Take Policies From)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.10] DMS endpoints for Neptune databases should have IAM authorization enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.11] DMS endpoints for MongoDB should have an authentication mechanism enabled

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 FedRAMP High Security Controls → 💼 IA-2 Identification and Authentication (Organizational Users) (L)(M)(H) 613
💼 FedRAMP Low Security Controls → 💼 IA-2 Identification and Authentication (Organizational Users) (L)(M)(H) 42
💼 NIST CSF v2.0 → 💼 PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization 23
💼 NIST CSF v2.0 → 💼 PR.AA-03: Users, services, and hardware are authenticated 22

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 IA-2(1) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Privileged Accounts 2
💼 IA-2(2) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Non-privileged Accounts 2
💼 IA-2(3) Identification and Authentication (organizational Users) _ Local Access to Privileged Accounts
💼 IA-2(4) Identification and Authentication (organizational Users) _ Local Access to Non-privileged Accounts
💼 IA-2(5) Identification and Authentication (organizational Users) _ Individual Authentication with Group Authentication
💼 IA-2(6) Identification and Authentication (organizational Users) _ Access to Accounts —separate Device 2
💼 IA-2(7) Identification and Authentication (organizational Users) _ Network Access to Non-privileged Accounts — Separate Device
💼 IA-2(8) Identification and Authentication (organizational Users) _ Access to Accounts — Replay Resistant 2
💼 IA-2(9) Identification and Authentication (organizational Users) _ Network Access to Non-privileged Accounts — Replay Resistant
💼 IA-2(10) Identification and Authentication (organizational Users) _ Single Sign-on
💼 IA-2(11) Identification and Authentication (organizational Users) _ Remote Access — Separate Device
💼 IA-2(12) Identification and Authentication (organizational Users) _ Acceptance of PIV Credentials
💼 IA-2(13) Identification and Authentication (organizational Users) _ Out-of-band Authentication