Running admin commands remotely (or reaching security info) requires explicit authorization.
What it actually means
Authorize remote execution of privileged commands and remote access to security-relevant information — these higher-risk remote actions should be explicitly permitted, restricted to specific users, and logged.
Pass or fail — an assessor needs a "yes" to each
- Is remote execution of privileged commands explicitly authorized and restricted?
- Is remote access to security-relevant information controlled and logged?
What to have ready
- Authorization records or configuration for privileged remote access
- Logs of privileged remote actions
Where teams trip up
- Any admin able to run privileged commands over any remote session
- No authorization or logging for privileged remote access
See where this control puts your score
Run all 110 requirements free in about 10 minutes.
Calculate your SPRS score →