Description:
Routing remote access through managed access control points enhances explicit organizational control over such connections and reduces susceptibility to unauthorized access to organizational systems that could result in the unauthorized disclosure of Controlled Unclassified Information (CUI).
Priority: High
Category: Network Security
Services Associated with AWS:
- AWS Virtual Private Network (VPN), AWS Direct Connect, AWS Transit Gateway
Objective Evidence:
- Administrative: documented policies, standards & procedures
- Administrative: supporting documentation to demonstrate the "secure practices" used to build technology platform-specific secure baseline configurations
- Technical: screenshot of firewall/VPN settings
Possible Technology Considerations:
- VPN Concentrator Secure Baseline Configurations (SBC)
What needs to be answered:
Is remote access maintained only by the IT department and routed through a limited number of managed access control points?
- Ensure Routing of Remote Access Via Managed Control Points
Description: This check confirms that remote access is routed through managed access control points, enhancing organizational control over such connections and reducing the susceptibility to unauthorized access.
More details: Remote access is managed via a controlled access point.