Overview:
The information system monitors and controls remote access methods.
Supplemental Guidance:
Automated monitoring and control of remote access sessions allows organizations to detect cyber attacks and also ensure ongoing compliance with remote access policies by auditing connection activities of remote users on a variety of information system components (e.g., servers, workstations, notebook computers, smart phones, and tablets).
Related Controls: AU-2, AU-12
Action Items:
1) Ensure all remote access is monitored
Related Documents:
1) Access Control Policy
2) Logging and Monitoring Policy
3) Remote Access Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 38
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-automated-monitoring-control-ac-17-1-38.html