Best Practices Database
- BP-0002: Leverage Data Lineage to Identify Unauthorized Access
- BP-0026: IAM Program Benchmarking
- OM-BP-0001: Account Ownership (Best Practice)
- OM-BP-0003: Best Practice Ownership IAM Objects
- OM-BP-0004: Make MFA Mandatory (Best Practice)
- OM-BP-0005: Reduce Timeouts for More Privileged Sessions (Best Practice)
- OM-BP-0006: Enforce MFA on network access for support (Best Practice)
- OM-BP-0007: Enforce just-in-time access on network access for support (Best Practice)
- OM-BP-0008: Make MFA mandatory for high privileged accounts (Best Practice)
- OM-BP-0009: Use robust factors for MFA (Best Practice)
- OM-BP-0010: Use passwordless authentication (Best Practice)
- OM-BP-0011: Assure systems issue access tokens for short periods of time (Best Practice)
- OM-BP-0012: Remove unnecessary service accounts (Best Practice)
- OM-BP-0013: Rotate service accounts credentials frequently (Best Practice)
- OM-BP-0014: Monitor all privileged account activity to detect suspicious behavior (Best Practice)
- OM-BP-0015: Grant access to Serverless Computing functions via RBAC and apply least privilege (Best Practice)
- OM-BP-0016: Design a naming convention scheme for roles that assure unique, unambiguous names for each (Best Practice)
- OM-BP-0017: Remove orphans in systems requiring the declaration of user accounts in multiple sub-systems (Best Practice)
- OM-BP-0018: Protect MFA integration secrets (Best Practice)
- OM-BP-0019: Align Role Model with HR (Best Practice)
- OM-BP-0020: Align Role Model with Business Continuity (Best Practice)
- OM-BP-0021: Provide Clear Guidelines on The Scope of Security versus Business Policy Rules (Best Practice)
- OM-BP-0022: Centralize authorization management outside applications (Best Practice)
- OM-BP-0024: Assure Adequate Economic Incentives and Contractual Arrangements for Federation Actors
- OM-BP-0025: Reset all credentials and secrets following a breach
- Orphan Accounts Cleaning
- People are trained on processes
- Processes are documented
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.