3.2.2.2: Windows

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 18:18, 2 May 2006 by Mdpeters (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

1. Risk: Unauthorized access attempts go unnoticed.

a. SOX.4.2.2.1: WINDOWS authentication attempts are limited to attempts specified by the Corporate IT standard.


2. Risk: Unauthorized execution of privileged system commands may disrupt business processes, and corrupt critical business data stores.

a. SOX.4.2.2.2: WINDOWS administrator level access is password restricted and is limited to the designated WINDOWS administrators only.


3. Risk: Unscheduled access by support vendors may result in business process interruptions or loss of production data.

a. SOX.4.2.2.3: WINDOWS access by support vendors is granted through a service request.


4. Risk: Unauthorized users might exploit unauthorized access to critical business processes and data.

a. SOX.4.2.2.5: The WINDOWS operating application has a session "Time-Out" function enabled.


5. Risk: Unnecessary disruptions to business processes or data corruption may occur.

a. SOX.4.2.2.6: WINDOWS rule changes are scheduled during maintenance windows.


6. Risk: Unidentifiable users may compromise critical business processes and data.

a. SOX.4.2.2.7: The WINDOWS system will not allow identical administrator IDs.


7. Risk: Insufficient security standards may allow unauthorized access to production systems and business data stores.

a. SOX.4.2.2.8: WINDOWS passwords are required for each administrator ID. Password configuration is based on Corporate IT standards.


8. Risk: Inappropriate administrative actions are executed without accountability measures.

a. SOX.4.2.2.9: The WINDOWS operating application has the functionality to monitor administrator access related events.


9. Risk: Reactive security monitoring results in data compromise and financial loss or liability.

a. SOX.4.2.2.10: WINDOWS administration team is notified when security violations occur.


10. Risk: Forensic evidence is not available to resolve malfunctions, compromises or other security compromising incidents.

a. SOX.4.2.2.11: The WINDOWS administration team reviews security logs looking for security violations.


11. Risk: Unauthorized access is granted to business systems or data stores.

a. SOX.4.2.2.12: WINDOWS access is granted through a service request.


12. Risk: Unauthorized access may occur resulting in business data compromise or destruction.

a. SOX.4.2.2.13: Terminations are sent through the HR process. An Email is sent from HR with all terminations to the WINDOWS system administrators.


13. Risk: Insufficient security standards may allow unauthorized access to production systems and business data stores.

a. SOX.4.2.2.14: WINDOWS password expiration is set to Corporate IT standards.


14. Risk: Security violations or data corruption may occur with no forensic evidence available to resolve the situation.

a. SOX.4.2.2.15: WINDOWS rules and logging is applied to everyone equally including system administrators.


15. Risk: Unauthorized access (i.e. terminated employees) may occur.

a. SOX.4.2.2.16: A semi-annual revalidation of WINDOWS administrator accounts are performed by security administration.


16. Risk: Unauthorized execution of privileged system commands may disrupt business processes, and corrupt critical business data stores.

a. SOX.4.2.2.17: Root level access is password restricted. This password is know only by system the administrators.
Retrieved from "http://horseproject.wiki/index.php?title=3.2.2.2:_Windows&oldid=1536"