Controls

Terug naar overzicht
Version

SB.13.006 Session Management for Privileged Access

High
High
High
Privileged Access Management
System Owner
v2.0 (Q1 2024)

Description

Privileged Access to IT services is orchestrated through a Privileged Access Management (PAM) system.

Actions taken using privileged accounts are logged or recorded. These actions are reviewed (either sample-based or systematically).

Credentials to privileged accounts are not exposed to end users.

When passwords are used instead of cryptographic keys or passwordless authentication, passwords are rotated automatically (one-time-use passwords) at the end of the session.

Specification

Reports on usage of privileged accounts is available and frequently checked for deviations.