Cyber Essentials Requirements

[Grant Fettis]

Like many other public bodies, we are now mandated to comply with the requirements of Cyber Essentials: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview

In addition, we are preparing for the introduction of the General Data Protection Regulations.

 

Given that Service Manager may contain sensitive information, we are looking at ways of making access more secure.  Currently log-in security is limited to AD authentication. Would it be possible to limit access even further by only allowing access by set IP address with any other access requiring 2 factor authentication?   

[Gerry]

@Grant Fettis

If you are using AD and have SSO configured then would this not be a question for the ADFS system administrator as its your ADFS server thats doing all the of the user authentication?

If you are not using SSO and are using the authentication scheme that the Hornbill platform provides then thats a reasonable question.  We have been looking at more enterprise-grade features and 2FA is something that we have considered.  However, most of our customers opt to use SSO with their own enterprise security systems so any effort we put into our inbuilt authentication scheme would that far seem to be a bit of a waste of time as our customers would not benefit from the effort. 

[edit] A quick google search and I found this document: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-additional-authentication-methods-for-ad-fs

Gerry