Search


Protect Root / Global Admins Account

(Back)

Objective

Protect root or master account used to establish the cloud service.

Key Considerations

Validation

Additional Considerations

Applicable Service Models

References

  1. SPIN 2017-01, subsection 6.2.3
  2. CSE Top 10 #3
  3. Refer to the Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
  4. Refer to the following template for an example of a break glass emergency account management procedure.
  5. Refer to the GC Event Logging Guidance
  6. Related security controls: AC‑2, AC‑2(1), AC‑3, AC‑5, AC‑6, AC‑6(5), AC‑6(10), AC‑7, AC‑9, AC‑19, AC‑20(3), IA‑2, IA‑2(1), IA‑2(2), IA‑2(11), IA‑4, IA‑5, IA‑5(1), IA‑5(6), IA‑5(7), IA‑5(13), IA‑6, IA‑8