Enterprise Monitoring Accounts
(Back)
Objective
Create role-based account to enable enterprise monitoring and visibility
Applicable Service Models
IaaS, PaaS, SaaS
Mandatory Requirements
| Activity | Validation |
|---|---|
| <ul><li>Create role-based accounts to enable enterprise monitoring and visibility for cloud environments that are procured via the GC Cloud Broker or are included in the scope of centralized guardrails validation.</li></ul> | <ul><li>Verify that roles required to enable visibility in the GC have been provisioned or assigned.</li></ul> |
| <ul><li>Review access privileges periodically and remove access when it is no longer required.</li></ul> | <ul><li>CConfirm that alerts to authorized personnel have been implemented to flag misuse, suspicious sign-in attempts, or when changes are made to privileged and non-privileged accounts.</li></ul> |
Additional Considerations
None
References
- Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN) 2017-01, subsection 6.2.3
- Cyber Centre’s top 10 IT security actions, number 2
- IT Security Risk Management: A Lifecycle Approach (ITSG-33), Annex 3A: Security Control Catalogue, AC-3(7)
Related security controls from ITSG-33
AC-3(7), AC-6(5), IA-2(1)
Page details
- Date modified: