How do you handle NIST’s separation of duty requirements?
Separation of duty can put stress on smaller organizations. How do you handle the requirements?
Mon, 5/17/2021 at 3:22pm
Image by Free-Photos from Pixabay
Sysadmins, as you know, wear a lot of different hats–meaning that sysadmins do a lot of different jobs and typically have ultimate power in all of them. The all-powerful root user account and its highly-protected password are good examples of that ultimate power. For those of you who perform work that falls under certain regulations, like those of Department of Defense (DoD) project, you may have to comply with guidelines from the National Institute of Standards and Technology (NIST) 800-171, which includes the separation of duties (Control 3.1.4).
Read More at Enable Sysadmin