Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.AA-03.4: Remote access to the organisation’s critical systems shall be monitored and cryp- tographic mechanisms shall be implemented where determined necessary. |
|
PR.AA-03.4 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p91 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that remote access to critical systems is not only restricted and approved (as defined in PR.AA-03.3), but also actively monitored and protected using cryptographic mechanisms to prevent unauthorised access and data compromise. To achieve this goal, the organisation should: - Monitor Remote Access Activities All remote access sessions should be logged, capturing user identity, time, duration, and systems accessed. Monitoring tools should detect unusual or unauthorised access patterns and alert security teams in real time. Logs should be reviewed regularly and retained according to policy. - Apply Cryptographic Protections Remote connections should use strong encryption protocols such as TLS (Transport Layer Security), SSH (Secure Shell), orIPsec. Data transmitted during remote sessions should be encrypted in transit.Where sen- sitive data is accessed, end-to-end encryption should be considered. - Enforce Access Rules from PR.AA-03.3 Monitoring and encryption settings should reflect the access restrictions defined in PR.AA-03.3. Forexample, alerts should trigger on out-of-hours access or attempts to reach unauthorised systems.All access should be verified against documented approvals. - Support Continuous Improvement Monitoring data should be used to refine access policies, identify enforcement gaps, and support incident response. Cryptographic standards should be reviewed periodically to ensure alignment with current best practices. - Ensure OT-Specific Feasibility In OT environments, monitoring and encryption should be implemented in a way that respects system con- straints and operational continuity. Jump servers or secure gateways should be used to centralise control and logging. - Align with ENISA Guidance These practices align with ENISA’s NIS2 Technical Implementation Guidance, which recommends secure remote access, encryption of communications, and continuous monitoring as part of effective cybersecurity risk management for critical systems. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that remote access to critical systems is not only restricted and approved (as defined in PR.AA-03.3), but also actively monitored and protected using cryptographic mechanisms to prevent unauthorised access and data compromise. To achieve this goal, the organisation should:</p><ul><li>Monitor Remote Access Activities All remote access sessions should be logged, capturing user identity, time, duration, and systems accessed. Monitoring tools should detect unusual or unauthorised access patterns and alert security teams in real time. Logs should be reviewed regularly and retained according to policy.</li><li>Apply Cryptographic Protections Remote connections should use strong encryption protocols such as TLS (Transport Layer Security), SSH (Secure Shell), orIPsec. Data transmitted during remote sessions should be encrypted in transit.Where sen- sitive data is accessed, end-to-end encryption should be considered.</li><li>Enforce Access Rules from PR.AA-03.3 Monitoring and encryption settings should reflect the access restrictions defined in PR.AA-03.3. Forexample, alerts should trigger on out-of-hours access or attempts to reach unauthorised systems.All access should be verified against documented approvals.</li><li>Support Continuous Improvement Monitoring data should be used to refine access policies, identify enforcement gaps, and support incident response. Cryptographic standards should be reviewed periodically to ensure alignment with current best practices.</li><li>Ensure OT-Specific Feasibility In OT environments, monitoring and encryption should be implemented in a way that respects system con- straints and operational continuity. Jump servers or secure gateways should be used to centralise control and logging.</li><li>Align with ENISA Guidance These practices align with ENISA’s NIS2 Technical Implementation Guidance, which recommends secure remote access, encryption of communications, and continuous monitoring as part of effective cybersecurity risk management for critical systems.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that remote access to critical systems is not only restricted and approved (as defined in PR.AA-03.3), but also actively monitored and protected using cryptographic mechanisms to prevent unauthorised access and data compromise. To achieve this goal, the organisation should: • Monitor Remote Access Activities All remote access sessions should be logged, capturing user identity, time, duration, and systems accessed. Monitoring tools should detect unusual or unauthorised access patterns and alert security teams in real time. Logs should be reviewed regularly and retained according to policy. • Apply Cryptographic Protections Remote connections should use strong encryption protocols such as TLS (Transport Layer Security), SSH (Secure Shell), orIPsec. Data transmitted during remote sessions should be encrypted in transit.Where sen- sitive data is accessed, end-to-end encryption should be considered. • Enforce Access Rules from PR.AA-03.3 Monitoring and encryption settings should reflect the access restrictions defined in PR.AA-03.3. Forexample, alerts should trigger on out-of-hours access or attempts to reach unauthorised systems.All access should be verified against documented approvals. • Support Continuous Improvement Monitoring data should be used to refine access policies, identify enforcement gaps, and support incident response. Cryptographic standards should be reviewed periodically to ensure alignment with current best practices. • Ensure OT-Specific Feasibility In OT environments, monitoring and encryption should be implemented in a way that respects system con- straints and operational continuity. Jump servers or secure gateways should be used to centralise control and logging. • Align with ENISA Guidance These practices align with ENISA’s NIS2 Technical Implementation Guidance, which recommends secure remote access, encryption of communications, and continuous monitoring as part of effective cybersecurity risk management for critical systems. |
|
A general note, for any purpose. |
The goal of this control is to ensure that remote access to critical systems is not only restricted and approved (as defined in PR.AA-03.3), but also actively monitored and protected using cryptographic mechanisms to prevent unauthorised access and data compromise. To achieve this goal, the organisation should: - Monitor Remote Access Activities All remote access sessions should be logged, capturing user identity, time, duration, and systems accessed. Monitoring tools should detect unusual or unauthorised access patterns and alert security teams in real time. Logs should be reviewed regularly and retained according to policy. - Apply Cryptographic Protections Remote connections should use strong encryption protocols such as TLS (Transport Layer Security), SSH (Secure Shell), orIPsec. Data transmitted during remote sessions should be encrypted in transit.Where sen- sitive data is accessed, end-to-end encryption should be considered. - Enforce Access Rules from PR.AA-03.3 Monitoring and encryption settings should reflect the access restrictions defined in PR.AA-03.3. Forexample, alerts should trigger on out-of-hours access or attempts to reach unauthorised systems.All access should be verified against documented approvals. - Support Continuous Improvement Monitoring data should be used to refine access policies, identify enforcement gaps, and support incident response. Cryptographic standards should be reviewed periodically to ensure alignment with current best practices. - Ensure OT-Specific Feasibility In OT environments, monitoring and encryption should be implemented in a way that respects system con- straints and operational continuity. Jump servers or secure gateways should be used to centralise control and logging. - Align with ENISA Guidance These practices align with ENISA’s NIS2 Technical Implementation Guidance, which recommends secure remote access, encryption of communications, and continuous monitoring as part of effective cybersecurity risk management for critical systems. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.AA-03.4 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Remote access monitoring and encryption |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Remote access to the organisation’s critical systems shall be monitored and cryp- tographic mechanisms shall be implemented where determined necessary. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1