Additional Content>NIST-800-53 Access Controls: How did you score?
NIST-800-53 Access Controls: How did you score?
Unfortunately, most organizations spend a lot of time and a fortune trying to implement the 22 different controls making up the NIST-800-53 Access Control family. Sound familiar?
IS Decisions strives to provide easy to implement solutions that leverage your existing Windows Infrastructure (Active Directory). Two high priority AC’s (9 & 10) are met with the UserLock solution.
Download the UserLock evaluation version and the Getting Started Guide. If you follow the guide, you will have a configuration that meets AC 9 & AC 10 in about 15 minutes!
Take the challenge
Other agencies and organizations tried and are now UserLock customers: ATF, FBI, DEA, ARMY, School Districts, municipalities, Veterans Affairs, BAE, Lockheed Martin, Government contractors and local government
To jog your memory, here’s a quick description of the controls:
AC-9 – Previous Logon (Access) Notification (High)
The information system notifies the user of two things upon successful logon: 1) the date and time of the last logon (access), both successful and unsuccessful and 2) the number of unsuccessful logon/access attempts since the last successful logon/access.
This is covered by the out of the box “welcome message” in UserLock.
AC-10 – Concurrent Session Control (High)
The information system limits the number of concurrent sessions for each system account to one (1) session. Windows administrators know that this is not native functionality.
UserLock provides this functionality by applying rules to your Active Directory infrastructure. It takes a few minutes to configure.
View UserLock features