Tech Target – What Is Remote Desktop? 3.1 3.1.12 Access Control
This article provides an overview of remote desktop and its capabilities.
SEARCH RESULTS
Texas A&M IT Policy – Access Control – Publicly Accessible Content 3.1 3.1.22 Access Control
This is an example of a policy that fulfills AC.1.1004 Control information posted or processed on publicly accessible information systems.
The Missing Report – Phone Security: 20 Ways to Secure Your Mobile Phone 3.1 3.1.18 3.1.19 Access Control
This article provides companies with ideas on how to mitigate the risk that mobiles carry with them as attackers turn to target them.
The State of North Carolina – Access Control Policy 3.1 3.1.3 Access Control
The NC policy describes common security controls (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels, web content filters, data loss prevention) and their application in controlling information flows. (See Section AC-4 – Information Flow Enforcement, p. 6)
TOTEM – Why is separation of duties required by NIST 800-171 and CMMC? 3.1 3.1.4 Access Control
This post provides information as well as a downloadable worksheet that organizations can use to plan and demonstrate separation of duties.
Tripwire – USB Threats to Cybersecurity of Industrial Facilities 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This article provides an overview of the risks associated with removable media for industrial facilities based on a 2018 Honeywell report.
University of California San Francisco – Wireless RF Design Guideline 3.1 3.1.16 3.1.17 Access Control
This example policy from UCSF describes their organized approach in deploying wireless technologies on the enterprise network.
University of California Santa Cruz – Protecting Electronic Restricted Data 3.1 3.1.22 Access Control
This example IT practices document from UC Santa Cruz lays out practices for protecting restricted data.
University of Cincinnati – Privileged Access Policy 3.1 3.1.15 Access Control
The policy provides a background of who is granted privileged access. On page 2, the policy indicates that “If access is required when off-campus, then the user must use the university’s VPN and university approved multi-factor authentication. Wherever and whenever possible Privileged Access users must utilize university approved multi-factor authentication.”
University of Michigan – Access, Authorization, and Authentication Management 3.1 3.1.1 3.1.2 Access Control
This sample policy from Michigan is an example of how an organization can provision and deprovision access to systems and applications.