Title

Email software installation account usage must be logged. (Cat III impact)

Discussion

Email Administrator or application owner accounts are granted more enhanced privileges than non-privileged users. It is especially important to grant access to privileged accounts to only those persons who are qualified and authorized to use them. Each use of the account should be logged to demonstrate this accountability.

Check Content

Access the EDSP to verify logging procedure for software installation account usage. Examine evidence that logging is done for use of the correct account for email software installations and upgrades. If email software installation account usage is logged, this is not a finding.

Fix Text

Implement a logging procedure for use of the email software installation account. Document it in the EDSP.

Additional Identifiers

Rule ID: SV-20652r3_rule

Vulnerability ID: V-18868

Group Title: EMG3-028 Installation Account Usage Logged

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.