Access to the Hardware Management Console (HMC) must be restricted by assigning users proper roles and responsibilities.
An XCCDF Rule
Description
<VulnDiscussion>Access to the HMC if not properly controlled and restricted by assigning users proper roles and responsibilities, could allow modification to areas outside the need-to-know and abilities of the individual resulting in a bypass of security and an altering of the environment. This would result in a loss of secure operations and can cause an impact to data operating environment integrity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>ECAN-1, ECLP-1, PRMP-1, PRMP-2</IAControls>
- ID
- SV-31555r2_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Have the System Administrator using the list user IDs and responsibilities, validate that each user is properly specified in the HMC based on his/her roles and responsibilities.
Note: Sites must have a list of valid HMC users, indicating their USERID, Date of DD2785, roles and responsibilities
To display user roles choose User Profiles and then select the user for modification. View Task Roles and Manager Roles.