The option to restrict user access based on duty hours is available but is not being utilized.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7940	DSN06.04	SV-8426r1_rule	ECLO-1 ECSC-1	unknown

Description
Requirement: The IAO will ensure that user access is restricted based on duty hours, where technically feasible. The restriction of user access by limiting access to the DSN associated to the users work hours and workweek will mitigate security vulnerabilities if a user account is compromised. If available, technically feasible (i.e., the system is capable of performing the restriction), and implemented, this option provides additional access control to the system.

Description

Requirement: The IAO will ensure that user access is restricted based on duty hours, where technically feasible. The restriction of user access by limiting access to the DSN associated to the users work hours and workweek will mitigate security vulnerabilities if a user account is compromised. If available, technically feasible (i.e., the system is capable of performing the restriction), and implemented, this option provides additional access control to the system.

STIG	Date
Defense Switched Network STIG	2015-01-02

Details

Check Text ( C-7372r1_chk )
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable.

Fix Text (F-7515r1_fix)
If the time of day (TOD) access restriction function is available through the DSN system, it should be provisioned to allow user access within a specified window. For example, if a user is assigned to work on a DSN component Monday through Friday 8 am – 5 pm, these are the hours the DSN component will allow that user to gain access.