Security Assessment Remediation (SAR)
Space shortcuts
Page tree
Skip to end of metadata
Go to start of metadata


Date

 

Time1 pm
Duration60 mts
Location

Zoom

Zoom
Attendees

Ashish Pandit Unknown User (mkgill)  Achraf Adenane Louis Zelus 

Project/ProgramSecurity Assessment remediation - SAR 
Project BoardITS PMO 
Log Time
OTL
Objective(s)
  • Implement SAR Remediations. There are the following items for the agenda

    1. Review feedback on decisions

    2. Review RA-16; RA-19; RA-25

Notes: 


Speaker DescriptionNotes
SAR Account review information



RA-75 - Administrative accounts are not periodically reviewed for the appropriateness of use. Louis is documenting and reviewing service accounts as part of the iPaaS user account and seeing if it is required or not. There is no check on if it is used in the right manner or not

RA-76 Generic and service accounts are not routinely audited for proper use and configuration. Service account passwords have not been changed or reviewed to ensure password standards are enforced.

Louis is documenting and reviewing service accounts as part of the iPaaS user account and seeing if it is required or not. There is no check on if it is used in the right manner or not

The service account gets locked down after x number of months or years per Louis Zelus 



Nifiuer account review done.  admin and service account needs to be done.

Kafkatbd

Airflowtbd

API Managershould go faster

RA-16



RA-25



RA-26

Part of Louis's review


RA-28

Business applications - Ranger, Ambari,  - Create a task for that

RA-3



RA-4



RA-5



RA-6


Write a comment...