
System administrators must be authenticated with an individual authenticator prior to using a group authenticator.


Overview

Finding ID: SRG-NET-000143-IDPS-000133
Version: SRG-NET-000143-IDPS-000133
Rule ID: SRG-NET-000143-IDPS-000133_rule
IA Controls: (none listed)
Severity: Medium
Description
To assure individual accountability and prevent unauthorized access, organizational users shall be individually identified and authenticated. Sharing group accounts on any device is prohibited. If group accounts are not changed when an individual leaves the group, that person could gain control of the network device. However, there are times when group accounts are deemed mission essential. The security architecture of the IDPS and any installed applications must allow use of an individual authenticator (e.g., AAA server or Active Directory authentication) prior to using a group authenticator.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text (C-43268_chk)
Ask if group accounts are used to access or operate (use installed applications).
Observe several administrators logging in and note the process for using group accounts.

If group accounts are used without first logging in with individual credentials, this is a finding.
Fix Text (F-43268_fix)
Configure the system to require individual credentials for each user.
Verify group authenticators are mission essential or necessary for the operation of the system.