💼 CC6.1-6 Manages Points of Access
- ID:
/frameworks/soc-2/cc6/01/06
Description
Points of access by outside entities and the types of data that flow through the points of access are identified, inventoried, and managed. The types of individuals and systems using each point of access are identified, documented, and managed.
Similar
- Internal
- ID:
dec-c-bd02febe
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS RDS Instance is publicly accessible and in an unrestricted public subnet🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Snapshot is publicly accessible🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Cosmos DB Account Private Endpoints are not used🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Cosmos DB Account Virtual Network Filter is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Cosmos DB Entra ID Client Authentication is not used🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP)🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Instance OS Login is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-46a83a30 | 1 | |
| ✉️ dec-x-0289e9c9 | 1 | |
| ✉️ dec-x-b4d3d9dc | 2 | |
| ✉️ dec-x-b3342905 | 1 | |
| ✉️ dec-x-f937c35f | 1 |