CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management

["CISA" <CISA () messages cisa gov>]

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information 
has recently been updated, and is now available.

CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management [ 
https://www.cisa.gov/news-events/alerts/2023/03/21/cisa-and-nsa-release-enduring-security-framework-guidance-identity-and-access-management
 ] 03/21/2023 03:08 PM EDT 

As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the 
National Security Agency (NSA) has released Identity and Access Management Recommended Best Practices Guide for 
Administrators [ 
https://media.defense.gov/2023/Mar/21/2003183448/-1/-1/0/ESF%20IDENTITY%20AND%20ACCESS%20MANAGEMENT%20RECOMMENDED%20BEST%20PRACTICES%20FOR%20ADMINISTRATORS%20PP-23-0248_508C.PDF
 ]. These recommended best practices provide system administrators with actionable recommendations to better secure 
their systems from threats to Identity and Access Management (IAM).

IAM—a framework of business processes, policies, and technologies that facilitate the management of digital 
identities—ensures that users only gain access to data when they have the appropriate credentials. This paper provides 
recommended best practices and mitigations [ 
https://media.defense.gov/2023/Mar/21/2003183448/-1/-1/0/ESF%20IDENTITY%20AND%20ACCESS%20MANAGEMENT%20RECOMMENDED%20BEST%20PRACTICES%20FOR%20ADMINISTRATORS%20PP-23-0248_508C.PDF
 ] to counter threats to IAM related to:


  * identity governance 
  * environmental hardening 
  * identity federation/single sign-on 
  * multifactor authentication 
  * IAM auditing and monitoring 

This guidance  [ 
https://media.defense.gov/2023/Mar/21/2003183448/-1/-1/0/ESF%20IDENTITY%20AND%20ACCESS%20MANAGEMENT%20RECOMMENDED%20BEST%20PRACTICES%20FOR%20ADMINISTRATORS%20PP-23-0248_508C.PDF
 ]was developed and published by a CISA- and NSA-led working panel with ESF, a public-private cross-sector partnership 
that aims to address risks that threaten critical infrastructure and national security systems.

Please share your thoughts. We recently updated our anonymous Product Feedback [ 
https://www.surveymonkey.com/r/CISA-cyber-survey?product=%5bproduct_value%5d ] Survey and we'd welcome your feedback.

This product is provided subject to this Notification [ https://www.cisa.gov/terms-use ] and this Privacy & Use [ 
https://www.dhs.gov/privacy-policy ] policy.

 

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } 

Having trouble viewing this message? View it as a webpage [ 
https://content.govdelivery.com/accounts/USDHSCISA/bulletins/3501414 ].  [ 
https://content.govdelivery.com/accounts/USDHS/bulletins/292141e ]

You are subscribed to updates from the Cybersecurity and Infrastructure Security Agency [ https://www.cisa.gov ] (CISA)
Manage Subscriptions [ https://public.govdelivery.com/accounts/USDHSCISA/subscriber/edit?preferences=true#tab1 ]  |  
Privacy Policy [ https://www.cisa.gov/privacy-policy ]  |  Help [ 
https://subscriberhelp.granicus.com/s/article/Subscriber-Help-Center ] [ 
https://insights.govdelivery.com/Communications/Subscriber_Help_Center ]

Connect with CISA: 
Facebook [ https://www.facebook.com/CISA ]  |  Twitter [ https://twitter.com/CISAgov ]  |  Instagram [ 
https://Instagram.com/cisagov ]  |  LinkedIn [ 
https://www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency ]  |   YouTube [ 
https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A ]

________________________________________________________________________

This email was sent to  using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security 
Agency · 707 17th St, Suite 4000 · Denver, CO 80202 GovDelivery logo [ https://subscriberhelp.granicus.com/ ] 
body .abe-column-block { min-height: 5px; } table.gd_combo_table img {margin-left:10px; margin-right:10px;} 
table.gd_combo_table div.govd_image_display img, table.gd_combo_table td.gd_combo_image_cell img {margin-left:0px; 
margin-right:0px;}