⭐ Repository → 💼 SOC 2 → 💼 CC6 Logical and Physical Access Controls → 💼 CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives.
💼 CC6.1-4 Identifies and Authenticates Users
- ID:
/frameworks/soc-2/cc6/01/04
Description
Persons, infrastructure and software are identified and authenticated prior to accessing information assets, whether locally or remotely.
Similar
- Internal
- ID:
dec-c-1e070472
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (6)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS IAM Policy allows full administrative privileges🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has inline or directly attached policies🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ Azure App Service is not registered with Microsoft Entra ID🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Consumer Google Accounts are used🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Google GCE Instance OS Login is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google IAM Service Account has admin privileges🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-1fc681bc | 1 | |
| ✉️ dec-x-157aa4b9 | 1 | |
| ✉️ dec-x-4157c58a | 1 | |
| ✉️ dec-z-79f4ab88 | 1 |