πΌ CC6.1-4 Identifies and Authenticates Users
- Contextual name: πΌ CC6.1-4 Identifies and Authenticates Users
- ID:
/frameworks/soc-2/cc6/01/04 - Located in: πΌ CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives.
Descriptionβ
Persons, infrastructure and software are identified and authenticated prior to accessing information assets, whether locally or remotely.
Similarβ
- Internal
- ID:
dec-c-1e070472
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS IAM Policy allows full administrative privileges π’ | 1 | π’ x6 |
| π AWS IAM User has inline or directly attached policies π’ | 1 | π x1, π’ x5 |
| π Azure App Service is not registered with Microsoft Entra ID π’ | 1 | π’ x6 |
| π Consumer Google Accounts are used π’ | π’ x3 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-1fc681bc | 1 | |
| βοΈ dec-x-157aa4b9 | 1 | |
| βοΈ dec-x-4157c58a | 1 | |
| βοΈ dec-z-79f4ab88 | 1 |