The STIG requires multifactor access for all privleged accounts; it mentions using two government approved mechanisms (one is CAC) as examples. It's possible that we could also set it up to use commercially available tokens which would only allow access to our systems and the fact that it appears difficult to come by CAC cards. For the time being the two-factor stuff will need to be left unimplemented so NRAO can administer the systems.
Topic revision: r1 - 2019-09-20, JimJacobs
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding NRAO Public Wiki? Send feedback