ISACA Journal – Capability Framework for Privileged Access Management
3.1 3.1.15 Access Control
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-1/capability-framework-for-privileged-access-management
This article discusses the elements required of a privileged access program that need to be in place to authorize execution of privileged access commands (PACs) and monitor the use of PACs whether on-line or remote. The whole document is useful, but the section on Privileged Users provides specific guidance how to control who has the right to use PACs
https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/data-loss-preventionnext-steps
This article provides a comprehensive description of Data Loss Prevention (DLP). The article includes best Practices for DLP planning and preparation, and tools for automating DLP.
Linux / UNIX Automatically Logout BASH / TCSH / SSH Users After a Period of Inactivity
3.1 3.1.11 Access Control
https://www.cyberciti.biz/faq/linux-unix-login-bash-shell-force-time-outs/
This document along with the comments section list Unix scripts that can be used to automatically terminate user sessions.
https://www.mcafee.com/en-us/antivirus/mcafee-total-protection.html
McAfee Total Protection to reduce the attack surface
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-policy
This article describes how to set an account lockout policy.
Microsoft – Interactive logon: Machine inactivity limit
3.1 3.1.10 Access Control
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit
This article describes how to configure inactivity timeouts on Windows.
Microsoft – Microsoft network server: Amount of idle time required before suspending session
3.1 3.1.11 Access Control
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session
This article describes best practices for automatically terminating user sessions on a Microsoft Network Server.
Microsoft – Set the account lockout threshold to recommended value
3.1 3.1.8 Access Control
https://learn.microsoft.com/en-us/services-hub/unified/health/remediation-steps-ad/set-the-account-lockout-threshold-to-the-recommended-value
This article describes mechanisms to limit unsuccessful logon attempts and why it is important.
Microsoft – Use Remote Access Monitoring and Accounting – Microsoft Windows
3.1 3.1.12 Access Control
https://learn.microsoft.com/en-us/windows-server/remote/remote-access/ras/monitoring-and-accounting/use-remote-access-monitoring-and-accounting
This document contains instructions for leveraging the monitoring capabilities of Remote Access by using the DirectAccess management console and the corresponding Windows PowerShell cmdlets, which are provided as part of the Remote Access server role.
Microsoft – Implementing Least-Privileged Administrative Models
3.1 3.1.5 Access Control
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implementing-least-privilege-administrative-models
Microsoft security best practices for employment of the least privilege principle.
