Crowdstrike – What is the Principle of Least Priviledge (POLP)? 3.1 3.1.5 Access Control
Crowdstrike webpage providing security tips and resources for considerations on least privilege.
SEARCH RESULTS
Cybersecurity and Infrastructure Security Agency – Guidance on Consent Banners 3.1 3.1.9
CISA has identified nine factors that entities should consider as they develop banners that provide notice to employees of network monitoring and seek their consent. There is one set of guidance for state, local, tribal and territorial governments, and another set of guidance for private sector entities.
DoD – Consent Banner with FAQ 3.1 3.1.9
This link provides the standard banner language used within the Department of Defense along with a list of FAQs.
Five Golden Rules for Contractors to Meet New DoD Cyber Mandate 3.1 3.1.7 Access Control
This article from Federal News Network provides an overview of key controls that are essential to NIST SP 800-171 compliance: access controls, awareness and training, audit and accountability, configuration management, and identification and authentication.
Forta – Report: USB threats to ICS systems have nearly doubled 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This article provides an overview of the risks associated with removable media for industrial facilities based on a 2020 Honeywell report.
Gartner – Privileged Access Management Reviews and Rankings 3.1 3.1.1 3.1.2 3.1.3 Access Control
This website from Gartner provides reviews and rating for PAM Tools.
Groovy Post – How to Make Windows 11 Lock Automatically After a Set Amount of Inactivity 3.1 3.1.10 Access Control
When you walk away from your computer, you want to make sure to lock it so other people can’t access your machine and its data. You can, of course, manually lock your Windows 11 PC down by hitting Windows Key + L or Ctrl + Alt + Del. But sometimes you forget. The cool thing is you can make Windows 11 lock automatically after a set time of inactivity. Here is a look at a few ways you can set this up.
Indiana State University – Standard for Screen Locking 3.1 3.1.10 Access Control
An example of a screenlocking standard, used by academia.
Information Security Oversight Office – CUI Presentation 3.1 3.1.3 Access Control
This ISOO presentation describes CUI program and what it is that needs to be protected.
InfoSec Institute – The Security Awareness Hazards of Removable Media 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This article provides an overview of removable media including the risks associated with this technology and how to implement a control policy.