Skip to content
ATO Pathways
  Log In

CCI-000016

Automatically remove or disable temporary and emergency accounts after an organization-defined time-period for each type of account.

Logo
11

Rule

Severity: Medium
Assign Expiration Date to Emergency Accounts
Logo
16

Rule

Severity: Medium
Assign Expiration Date to Temporary Accounts
Logo
2

Rule

Severity: Medium
AAA Services must be configured to automatically remove authorizations for temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
AAA Services must be configured to automatically remove temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
The application must automatically remove or disable temporary user accounts 72 hours after account creation.
Logo
2

Rule

Severity: Medium
The Mainframe Product must automatically remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Low
Nutanix AOS must automatically remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged  using external identity providers for authentication and grouping to role-based assignments when possible.
Logo
2

Rule

Severity: Medium
The UEM server must automatically remove or disable temporary user accounts after 72 hours if supported by the UEM server.
Logo
4

Rule

Severity: Medium
The macOS system must automatically remove or disable temporary and emergency user accounts after 72 hours.
Logo
3

Rule

Severity: Medium
The macOS system must automatically remove or disable temporary or emergency user accounts within 72 hours.
Logo
2

Rule

Severity: Medium
The Ubuntu operating system must provision temporary user accounts with an expiration time of 72 hours or less.
Logo
2

Rule

Severity: Medium
The container platform must automatically remove or disable temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
The operating system must automatically remove or disable temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
AIX must automatically remove or disable temporary user accounts after 72 hours or sooner.
Logo
1

Rule

Severity: Medium
IBM z/OS System Administrator must develop a procedure to automatically remove or disable temporary user accounts after 72 hours.
Logo
3

Rule

Severity: Medium
IBM z/OS system administrator must develop a procedure to remove or disable temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
Windows Server 2016 must automatically remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
Windows Server 2019 must automatically remove or disable temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
Windows Server 2022 must automatically remove or disable temporary user accounts after 72 hours.
Logo
2

Rule

Severity: Medium
OL 8 temporary user accounts must be provisioned with an expiration time of 72 hours or less.
Logo
2

Rule

Severity: High
OpenShift must use FIPS validated LDAP or OpenIDConnect.
Logo
2

Rule

Severity: Medium
RHEL 8 temporary user accounts must be provisioned with an expiration time of 72 hours or less.
Logo
2

Rule

Severity: Medium
RHEL 9 must automatically expire temporary accounts within 72 hours.
Logo
2

Rule

Severity: Medium
The SUSE operating system must provision temporary accounts with an expiration date for 72 hours.
Logo
4

Rule

Severity: Low
The operating system must automatically terminate temporary accounts within 72 hours.
Logo
2

Rule

Severity: Medium
The VMM must automatically remove or disable local temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
The BIG-IP appliance must automatically remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
Ubuntu 22.04 LTS must automatically expire temporary accounts within 72 hours.
Logo
1

Rule

Severity: Medium
The IBM z/OS system administrator (SA) must develop a procedure to automatically remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
IBM z/OS system administrator (SA) must develop a procedure to remove or disable temporary user accounts after 72 hours.
Logo
1

Rule

Severity: Medium
MKE must be configured to integrate with an Enterprise Identity Provider.
Logo
1

Rule

Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.
Logo
1

Rule

Severity: Medium
SLEM 5 must automatically expire temporary accounts within 72 hours.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules