800-53|IA-5(8)

Title

MULTIPLE INFORMATION SYSTEM ACCOUNTS

Description

The organization implements [Assignment: organization-defined security safeguards] to manage the risk of compromise due to individuals having accounts on multiple information systems.

Supplemental

When individuals have accounts on multiple information systems, there is the risk that the compromise of one account may lead to the compromise of other accounts if individuals use the same authenticators. Possible alternatives include, for example: (i) having different authenticators on all systems; (ii) employing some form of single sign-on mechanism; or (iii) including some form of one-time passwords on all systems.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
DO3538-ORACLE11 - The Oracle REMOTE_OS_AUTHENT parameter should be set to FALSE - 'remote_os_authent = false'	OracleDB	DISA STIG Oracle 11 Instance v9r1 Database

Detections

Analytics