Skip to content
ATO Pathways
  Log In

CCI-000017

Disable accounts when the accounts have been inactive for the organization-defined time-period.

Logo
22

Rule

Severity: Medium
Set Account Expiration Following Inactivity
Logo
9

Rule

Severity: Medium
Set existing passwords a period of inactivity before they been locked
Logo
2

Rule

Severity: Medium
AAA Services must be configured to automatically disable accounts after a 35-day period of account inactivity.
Logo
1

Rule

Severity: Medium
Compliance Guardian must provide automated mechanisms for supporting account management functions.
Logo
2

Rule

Severity: Low
The application must automatically disable accounts after a 35 day period of account inactivity.
Logo
2

Rule

Severity: Medium
Unnecessary application accounts must be disabled, or deleted.
Logo
1

Rule

Severity: Low
The HP FlexFabric Switch must automatically disable accounts after a 35-day period of account inactivity.
Logo
1

Rule

Severity: Medium
The MQ Appliance network device access must automatically disable accounts after a 35-day period of account inactivity.
Logo
2

Rule

Severity: Medium
The Jamf Pro EMM must automatically disable accounts after a 35 day period of account inactivity (local accounts).
Logo
2

Rule

Severity: Medium
The Mainframe Product must automatically disable accounts after 35 days of account inactivity.
Logo
1

Rule

Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged  using external identity providers for authentication and grouping to role-based assignments when possible.
Logo
1

Rule

Severity: Medium
The Samsung SDS EMM must automatically disable accounts after a 35 day period of account inactivity (local accounts).
Logo
2

Rule

Severity: Medium
The UEM server must automatically disable accounts after a 35-day period of account inactivity.
Logo
2

Rule

Severity: Medium
The container platform must automatically disable accounts after a 35-day period of account inactivity.
Logo
2

Rule

Severity: High
OpenShift must use FIPS validated LDAP or OpenIDConnect.
Logo
4

Rule

Severity: Medium
User accounts must be locked after 35 days of inactivity.
Logo
2

Rule

Severity: Medium
The VMM must automatically disable local accounts after a 35-day period of account inactivity.
Logo
1

Rule

Severity: Medium
The BIG-IP appliance must automatically disable accounts after a 35-day period of account inactivity.
Logo
1

Rule

Severity: Medium
Dragos Platform must use an Identity Provider (IDP) for authentication and authorization processes.
Logo
1

Rule

Severity: Medium
MKE must be configured to integrate with an Enterprise Identity Provider.
Logo
1

Rule

Severity: Medium
Microsoft Intune service must automatically disable accounts and identifiers (individuals, groups, roles, and devices) after a 35-day period of account inactivity.
Logo
1

Rule

Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules