Content library
CyberFundamentals (Belgium)
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.

How to fill the requirement

CyberFundamentals (Belgium)

PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.

Task name
Priority
Status
Theme
Policy
Other requirements
Remote maintenance of assets
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Network security
requirements

Task is fulfilling also these other security requirements

PR.MA-2: Asset remote management and repair
NIST
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
CyFun
1. Task description

Remote maintenance and repair of an organization's assets must be performed so that it is approved, logged, and performed in a manner that prevents unauthorized access. The person conducting the remote maintenance and repair must be required to perform multi-step authentication.

Remote connection management
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Network security
requirements

Task is fulfilling also these other security requirements

PR.AC-3: Remote access management
NIST
I-18: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS JA KÄSITTELY FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ - ETÄKÄYTTÖ JA ETÄHALLINTA
Katakri 2020
5.1.2: Information transfer
TISAX
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
CyFun
PR.AC-3: Remote access is managed.
CyFun
1. Task description

The organization shall ensure that the monitoring and management of remote connections is automated, that remote connections are encrypted to ensure their integrity and reliability, and that remote connections pass only through approved and managed Network Access Control (NAC).

The organization must also make possible for the remote connections to be closed within a specified time.

No items found.