Manage Access Control for Remote Assets
Description
Manage access control for assets remotely connecting to enterprise resources. Determine the amount of access to enterprise resources based on whether up-to-date anti-malware software is installed, whether the device's configuration complies with the enterprise’s secure configuration process, and whether the operating system and applications are up to date.
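The posture-based access decision described above, sketched as an added example (not part of the original page or of any product listed here). The `PostureReport` fields, the age thresholds and the `full`/`limited`/`deny` tiers are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed thresholds (not from the page); set them from your own policy.
MAX_REPORT_AGE = timedelta(hours=24)   # posture report must be recent
MAX_SIGNATURE_AGE = timedelta(days=3)  # anti-malware definitions
MAX_PATCH_AGE = timedelta(days=30)     # last OS / application update

@dataclass
class PostureReport:
    device_id: str
    collected_at: datetime
    antimalware_running: bool
    signatures_updated_at: Optional[datetime]
    baseline_failures: list[str]       # failed checks from the configuration scan
    os_patched_at: Optional[datetime]
    apps_patched_at: Optional[datetime]

def stale(ts: Optional[datetime], limit: timedelta, now: datetime) -> bool:
    # Missing, future-dated or too-old timestamps all count as stale.
    return ts is None or ts > now or now - ts > limit

def evaluate(report: Optional[PostureReport], now: datetime) -> tuple[str, list[str]]:
    """Return (access_tier, reasons); tiers are full, limited, deny."""
    # Fail closed: unknown posture is never granted access.
    if report is None or stale(report.collected_at, MAX_REPORT_AGE, now):
        return "deny", ["posture report missing or stale"]
    reasons = []
    if not report.antimalware_running:
        reasons.append("anti-malware not running")
    elif stale(report.signatures_updated_at, MAX_SIGNATURE_AGE, now):
        reasons.append("anti-malware signatures out of date")
    if report.baseline_failures:
        reasons.append("baseline failures: " + ", ".join(sorted(report.baseline_failures)))
    if stale(report.os_patched_at, MAX_PATCH_AGE, now):
        reasons.append("operating system not up to date")
    if stale(report.apps_patched_at, MAX_PATCH_AGE, now):
        reasons.append("applications not up to date")
    if not reasons:
        return "full", []
    # Assumed tiering: one failed criterion gets reduced access, more are denied.
    return ("limited" if len(reasons) == 1 else "deny"), reasons

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    # Constructed sample: fresh report, signatures 10 days old.
    r = PostureReport("laptop-01", now, True, now - timedelta(days=10), [], now, now)
    print(evaluate(r, now))
```

The returned reasons are worth logging with the device ID, since they double as the configuration compliance and anti-malware status evidence listed under Evidence Requirements.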
Implementation Checklist
Tool Recommendations
AI-driven network detection and response with self-learning threat analysis and autonomous response
Darktrace · Enterprise subscription
AI-driven threat detection and response for network, cloud, and identity with attack signal intelligence
Vectra AI · Enterprise subscription
Network traffic analysis platform using behavioral modeling and machine learning to detect threats and anomalies
Cisco · Per-flow subscription
Threats & Vulnerabilities (CIS RAM)
Threat Scenarios
Compromised Remote Device Introduces Malware to Enterprise Network
Integrity: An employee's unpatched personal laptop with outdated anti-malware connects to the enterprise VPN, introducing malware that spreads to internal systems because remote asset compliance is not verified.
Unauthorized Remote Access from Non-Compliant Device
Confidentiality: A contractor connects to enterprise resources from a jailbroken mobile device with no encryption enabled, bypassing security controls because remote device posture is not assessed before granting access.
Credential Theft via Compromised Home Network
Confidentiality: An attacker compromises a remote worker's insecure home router and intercepts VPN credentials, gaining enterprise access because no compliance check validates the remote device's security posture.
Vulnerabilities (When Safeguard Absent)
No Remote Device Compliance Verification
Without access control for remote assets, devices connecting to enterprise resources are not evaluated for anti-malware status, patch level, or configuration compliance before being granted network access.
Uncontrolled BYOD Access to Enterprise Resources
Personally owned devices with unknown security postures can access sensitive enterprise resources without any conditional access policies enforcing minimum security standards.
Evidence Requirements
| Type | Evidence Item | Collection Frequency |
|---|---|---|
| Technical | Configuration screenshots or exports showing protection controls enabled | Captured quarterly |
| Document | Procedure documentation for protection measures | Reviewed annually |
| Technical | Configuration compliance scan results against approved baseline | Scanned monthly |
| Document | Approved baseline configuration documentation | Reviewed quarterly |
| Record | Access review/recertification records with sign-off | Quarterly |
| Technical | Access control configuration evidence (RBAC settings, group memberships) | Reviewed quarterly |
| Technical | Anti-malware deployment status and detection statistics | Monthly |
| Document | Governing policy document (current, approved, communicated) | Reviewed annually |