Indiana State University – Standard for Screen Locking 3.1 3.1.10 Access Control
An example of a screenlocking standard, used by academia.
SEARCH RESULTS
Information Security Oversight Office – CUI Presentation 3.1 3.1.3 Access Control
This ISOO presentation describes CUI program and what it is that needs to be protected.
InfoSec Institute – The Security Awareness Hazards of Removable Media 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This article provides an overview of removable media including the risks associated with this technology and how to implement a control policy.
InfoWorld – Manage those Macs: A guide for Windows admins / Set your Mac to log out when not in use 3.1 3.1.11 Access Control
This article describes techniques for automating the management of Apple iOS devices that will allow an admin to push polices such as “Idle-time logoff” to a MAC instead of touching each machine. NIST 800-171 Control: 3.1.11
ISACA – Implementing Segregation of Duties: A Practical Experience Based on Best Practices 3.1 3.1.4 Access Control
This article from ISACA provides an overview of the implementation of SoD based on practical experiences.
ISACA Journal – Capability Framework for Privileged Access Management 3.1 3.1.15 Access Control
This article discusses the elements required of a privileged access program that need to be in place to authorize execution of privileged access commands (PACs) and monitor the use of PACs whether on-line or remote. The whole document is useful, but the section on Privileged Users provides specific guidance how to control who has the right to use PACs
ISACA Journal Article – Data Loss Prevention: Next Steps 3.1 3.1.22 3.5 3.5.1 Access Control Identification and Authentication
This article provides a comprehensive description of Data Loss Prevention (DLP). The article includes best Practices for DLP planning and preparation, and tools for automating DLP.
Linux / UNIX Automatically Logout BASH / TCSH / SSH Users After a Period of Inactivity 3.1 3.1.11 Access Control
This document along with the comments section list Unix scripts that can be used to automatically terminate user sessions.
McAfee Total Protection 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
McAfee Total Protection to reduce the attack surface
Microsoft – Account Lockout Policy 3.1 3.1.8 Access Control
This article describes how to set an account lockout policy.