AC-18 Wireless Access Restriction

Control: (i) Establish usage restrictions and implementation guidance for wireless technologies; and (ii) document, monitor, and control wireless access to the system.

Appropriate officials authorize the use of wireless technologies.

Illustrative Controls and TIBCO LogLogic Solution

Administrators should assess the authentication mechanisms used to validate user credentials (new and existing) for critical systems to support the validity of transactions. Server and application activities must be monitored for locked-out and enabled accounts, because these events can indicate malicious activity.

In general, auditors validate the technical standards used (for example, two-factor authentication with one-time passwords) and the Know Your Customer policies that the organization uses before issuing the appropriate tokens. However, you can use log files to validate that the systems implemented are working effectively.

To satisfy this control objective, administrators must review the time and sources of the external logins to determine whether they are authenticated and authorized.

Reports and Alerts

Use the following reference to see the AC-18 reports and alerts: AC-18.