SUCCESS
  • Home
  • About
  • Controls
    • Governance
    • Access Control
    • Asset Management
    • Data Security
    • Human Resources
    • Software Security
    • Incident Response
    • Vulnerability Management
    • Risk Management
    • Physical Security
    • Team
  • Other Resources
  • More
    • Home
    • About
    • Controls
      • Governance
      • Access Control
      • Asset Management
      • Data Security
      • Human Resources
      • Software Security
      • Incident Response
      • Vulnerability Management
      • Risk Management
      • Physical Security
      • Team
    • Other Resources
SUCCESS
  • Home
  • About
  • Controls
    • Governance
    • Access Control
    • Asset Management
    • Data Security
    • Human Resources
    • Software Security
    • Incident Response
    • Vulnerability Management
    • Risk Management
    • Physical Security
    • Team
  • Other Resources

3 - Strong password policies should be implemented along with Multi-factor authentication.

Purpose:

A documented Information Security Policy helps focus on a set of security priorities specific to the business.


Best Practices:

Set a minimum 10-character password


Examples:

NIST Multi factor guidance

https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/multi-factor-authentication

4 - Access should be granted based on roles and responsibilities to adhere to the principle of least privilege

Purpose:

Support from leadership helps motivate all to care about security


Best Practices:

Remove any access that is not needed when roles change


Copyright © 2023 SUCCESS - All Rights Reserved.

Powered by GoDaddy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept