Update GWS.COMMONCONTROLS.6.1v0.3 instructions to more relevant to the policy.
Motivation and context
The current policy:
All highly privileged accounts SHALL leverage Google Account authentication with phishing-resistant MFA and not the agency's authoritative on-premises or federated identity system.
The current instructions:
The implementation process for this can be located here.
The "here" link isn't relevant. It's just a general discussion of admin roles. It makes no mention of federated identity.
Implementation notes
Ideally, the instructions would tell you how to identify any privileged users you have that are leveraging on-prem or federated identity.
Acceptance criteria
[ ] The instructions tell you how to identity any privileged users you have that are leveraging on-prem or federated identity
💡 Summary
Update GWS.COMMONCONTROLS.6.1v0.3 instructions to more relevant to the policy.
Motivation and context
The current policy:
The current instructions:
The "here" link isn't relevant. It's just a general discussion of admin roles. It makes no mention of federated identity.
Implementation notes
Ideally, the instructions would tell you how to identify any privileged users you have that are leveraging on-prem or federated identity.
Acceptance criteria