Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.AA-01.4: For transactions within the organisation's critical systems, the organisation shall implement Multi Factor Authentication (MFA), cryptographic certificates, identity tokens, cryptographic keys and other credentials as appropriate and where feasible. |
|
PR.AA-01.4 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p85 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that strong authentication mechanisms are applied to transactions within critical systems.This includes using Multi-FactorAuthentication (MFA – PR.AA-03.2), cryptographic credentials, and other secure methods to protect sensitive operations and data exchanges. To achieve this goal, the organisation should: • Apply Strong Authentication to Critical Transactions Transactions involving access to sensitive data, system configuration changes, command execution, user/ device authentication, or data transmission between systems should be protected using MFA, identity tokens, cryptographic keys, or certificates, where feasible. • Use Context-Aware and Behaviour-Based Authentication Strong authentication should include context-based checks (e.g. location, time, device) and behavioural biometrics (e.g. typing patterns) to detect anomalies and enhance security. • Combine MFAwith Single Sign-On (SSO) MFA should be integrated with SSO solutions to streamline access while maintaining robust protection for internal and external critical systems. • Manage Cryptographic Credentials Securely Cryptographic certificates, identitytokens, and keys should be issued, stored, rotated, and revoked securely. This supports the secure implementation of strong authentication mechanisms required by this control and complements PR.AA-03.2, which mandates MFA for remote access. • Ensure OT-Specific Feasibility In OT environments, authentication methods should be adapted to system constraints, legacy equipment, and operational continuity requirements. Coordination with engineering teams may be necessary to imple- ment feasible solutions. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that strong authentication mechanisms are applied to transactions within critical systems.This includes using Multi-FactorAuthentication (MFA – PR.AA-03.2), cryptographic credentials, and other secure methods to protect sensitive operations and data exchanges. To achieve this goal, the organisation should:</p><ul><li>Apply Strong Authentication to Critical Transactions Transactions involving access to sensitive data, system configuration changes, command execution, user/ device authentication, or data transmission between systems should be protected using MFA, identity tokens, cryptographic keys, or certificates, where feasible.</li><li>Use Context-Aware and Behaviour-Based Authentication Strong authentication should include context-based checks (e.g. location, time, device) and behavioural biometrics (e.g. typing patterns) to detect anomalies and enhance security.</li><li>Combine MFAwith Single Sign-On (SSO) MFA should be integrated with SSO solutions to streamline access while maintaining robust protection for internal and external critical systems.</li><li>Manage Cryptographic Credentials Securely Cryptographic certificates, identitytokens, and keys should be issued, stored, rotated, and revoked securely. This supports the secure implementation of strong authentication mechanisms required by this control and complements PR.AA-03.2, which mandates MFA for remote access.</li><li>Ensure OT-Specific Feasibility In OT environments, authentication methods should be adapted to system constraints, legacy equipment, and operational continuity requirements. Coordination with engineering teams may be necessary to imple- ment feasible solutions.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that strong authentication mechanisms are applied to transactions within critical systems.This includes using Multi-FactorAuthentication (MFA – PR.AA-03.2), cryptographic credentials, and other secure methods to protect sensitive operations and data exchanges. To achieve this goal, the organisation should: - Apply Strong Authentication to Critical Transactions Transactions involving access to sensitive data, system configuration changes, command execution, user/ device authentication, or data transmission between systems should be protected using MFA, identity tokens, cryptographic keys, or certificates, where feasible. - Use Context-Aware and Behaviour-Based Authentication Strong authentication should include context-based checks (e.g. location, time, device) and behavioural biometrics (e.g. typing patterns) to detect anomalies and enhance security. - Combine MFAwith Single Sign-On (SSO) MFA should be integrated with SSO solutions to streamline access while maintaining robust protection for internal and external critical systems. - Manage Cryptographic Credentials Securely Cryptographic certificates, identitytokens, and keys should be issued, stored, rotated, and revoked securely. This supports the secure implementation of strong authentication mechanisms required by this control and complements PR.AA-03.2, which mandates MFA for remote access. - Ensure OT-Specific Feasibility In OT environments, authentication methods should be adapted to system constraints, legacy equipment, and operational continuity requirements. Coordination with engineering teams may be necessary to imple- ment feasible solutions. |
|
A general note, for any purpose. |
The goal of this control is to ensure that strong authentication mechanisms are applied to transactions within critical systems.This includes using Multi-FactorAuthentication (MFA – PR.AA-03.2), cryptographic credentials, and other secure methods to protect sensitive operations and data exchanges. To achieve this goal, the organisation should: - Apply Strong Authentication to Critical Transactions Transactions involving access to sensitive data, system configuration changes, command execution, user/ device authentication, or data transmission between systems should be protected using MFA, identity tokens, cryptographic keys, or certificates, where feasible. - Use Context-Aware and Behaviour-Based Authentication Strong authentication should include context-based checks (e.g. location, time, device) and behavioural biometrics (e.g. typing patterns) to detect anomalies and enhance security. - Combine MFAwith Single Sign-On (SSO) MFA should be integrated with SSO solutions to streamline access while maintaining robust protection for internal and external critical systems. - Manage Cryptographic Credentials Securely Cryptographic certificates, identitytokens, and keys should be issued, stored, rotated, and revoked securely. This supports the secure implementation of strong authentication mechanisms required by this control and complements PR.AA-03.2, which mandates MFA for remote access. - Ensure OT-Specific Feasibility In OT environments, authentication methods should be adapted to system constraints, legacy equipment, and operational continuity requirements. Coordination with engineering teams may be necessary to imple- ment feasible solutions. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.AA-01.4 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Multi-factor authentication for critical systems |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
For transactions within the organisation's critical systems, the organisation shall implement Multi Factor Authentication (MFA), cryptographic certificates, identity tokens, cryptographic keys and other credentials as appropriate and where feasible. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1