Updating Common Controls 1/MFA #603

Open
wants to merge 8 commits into base: main

Collaborator

@mdueltgen mdueltgen commented Feb 13, 2025

🗣 Description

Updating Common Control 1/MFA Policies

💭 Motivation and context

Updating policies for clarity.
Closes #591

🧪 Testing

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • If applicable, All future TODOs are captured in issues, which are referenced in the PR description.
  • The relevant issues PR resolves are linked preferably via closing keywords.
  • All relevant type-of-change labels have been added.
  • I have read and agree to the CONTRIBUTING.md document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

✅ Pre-merge Checklist

  • This PR has been smoke tested to ensure main is in a functional state when this PR is merged.
  • Squash all commits into one PR level commit using the Squash and merge button.

✅ Post-merge Checklist

  • Delete the branch to clean up.
  • Close issues resolved by this PR if the closing keywords did not activate.

@mdueltgen mdueltgen added this to the Eel milestone Feb 13, 2025
@mdueltgen mdueltgen requested review from buidav and adhilto February 13, 2025 17:19
@mdueltgen mdueltgen self-assigned this Feb 13, 2025
@mdueltgen mdueltgen linked an issue Feb 13, 2025 that may be closed by this pull request
2 tasks
scubagoggles/baselines/commoncontrols.md: 4 resolved review threads (2 outdated)
mdueltgen and others added 2 commits February 18, 2025 11:16
Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com>
Collaborator

@adhilto adhilto left a comment

Looks great

Collaborator

@buidav buidav left a comment

Formatting stuff.
Feel free to merge once suggested changes are addressed.

@@ -158,29 +159,22 @@ If phishing-resistant MFA is not yet tenable, an MFA method from the following l
- [T1566: Phishing](https://attack.mitre.org/techniques/T1566/)
- [T1566:001: Phishing: Spearphishing Attachment](https://attack.mitre.org/techniques/T1566/001/)


Collaborator

Suggested change

unnecessary


#### GWS.COMMONCONTROLS.1.3v0.4 Instructions
1. Under Frequency, deselect the **Allow user to trust device** checkbox.
1. Under **Methods**, select **Any except verification codes via text, phone call**.
2. Select **Save**
Collaborator

Suggested change
2. Select **Save**
2. Select **Save**.

Period

If security keys are not yet available for your organization:
1. Under **Methods**, select **Any except verification codes via text, phone call**.
#### GWS.COMMONCONTROLS.1.5v0.4 Instructions
1. Under Frequency, deselect the **Allow user to trust device** checkbox.
2. Select **Save**
Collaborator

Suggested change
2. Select **Save**
2. Select **Save**.

Period
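
Review bot: the second ATT&CK bullet in the context at the top of this hunk labels the sub-technique `T1566:001`, but MITRE ATT&CK writes sub-technique IDs with a dot and the link target is /techniques/T1566/001/, so the link text should read `T1566.001: Phishing: Spearphishing Attachment` while this section is being touched. In the instruction steps, "Under Frequency" is left unbolded where "Under **Methods**" bolds the console label; bold **Frequency** in both places for consistency.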

@@ -193,30 +187,21 @@ To enforce Phishing-Resistant 2-Step Verification (MFA) for all users, use the G
5. Select **Save**
Collaborator

Suggested change
5. Select **Save**
5. Select **Save**.

Period

To enforce Phishing-Resistant 2-Step Verification (MFA) for all users, use the Google Workspace Admin Console:

#### Policy 1 common Instructions
#### Policy 1 Common Instructions
1. Sign in to [Google Admin console](https://admin.google.com/) as an administrator.
2. Select **Security** -\> **Authentication.**
3. Select **2-Step Verification.**
Collaborator

Suggested change
3. Select **2-Step Verification.**
3. Select **2-Step Verification**.

To enforce Phishing-Resistant 2-Step Verification (MFA) for all users, use the Google Workspace Admin Console:

#### Policy 1 common Instructions
#### Policy 1 Common Instructions
1. Sign in to [Google Admin console](https://admin.google.com/) as an administrator.
2. Select **Security** -\> **Authentication.**
Collaborator

Suggested change
2. Select **Security** -\> **Authentication.**
2. Select **Security** -\> **Authentication**.


If using security keys:
1. Under **Methods**, select **Only security Key**. Next, select **Don't allow users to select security codes**.
1. Set **New user enrollment** period to at least **1 Day** or at most **1 Week**.
2. Select **Save**
Collaborator

Suggested change
2. Select **Save**
2. Select **Save**.

Period
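
Review bot: the step "Set **New user enrollment** period to at least **1 Day** or at most **1 Week**" under "If using security keys" joins its two bounds with "or", so any value satisfies it as written; if a range is intended, word it as "between **1 Day** and **1 Week**". The same list writes the option as "Only security Key" with mixed capitalization; use one casing for the option name, matching the label shown in the console.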

Successfully merging this pull request may close these issues.

Reworking Common Controls 1
4 participants