Compute Resources
5.2 Compute Resources
-
Access Controls:
-
a. Apply Role-Based Access Control (RBAC) on cloud and on-premises systems.
-
b. Set default access permissions to the principle of least privilege.
-
-
c. Offer implementation of Conditional Access Policies as a consulting service based on client requirements.
Technical Controls:
| Control ID | Description | Tools/Methods |
|---|---|---|
| a | Apply Role-Based Access Control (RBAC) on systems. | Access management platforms; Directory services (e.g., Active Directory) |
| b | Set default access permissions to least privilege. | Access control lists (ACLs); Regular access reviews |
| c | Implement Conditional Access Policies as per client requirements. | Conditional access solutions (e.g., Azure Conditional Access); Policy development frameworks |