The IAO/NSO will ensure all accounts are assigned the lowest possible level of access/rights necessary to perform their jobs.

From Network Devices Security Technical Implementation Guide

Part of Least Privilege not IAW policies in NMS.

Associated with IA controls: ECSC-1

SV-3184r1_rule The IAO/NSO will ensure all accounts are assigned the lowest possible level of access/rights necessary to perform their jobs.

Vulnerability discussion

Without a formal personnel approval process, unauthorized users may gain access to critical DoD systems. It is imperitive that only the required access to the required systems and information be provided to each individual.The lack of a password protection for communications devices provides anyone access to the device, which opens a backdoor opportunity for intruders to attack and manipulate or compromise network resources. Vendors often assign default passwords to communication devices. These default passwords are well known to the hacker community and are extremely dangerous if left unchanged.

Check content

Review the user database to determine compliance.

Fix text

Have the NSO ensure that accounts are created with the lowest privilege necessary to perform their duties.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.