Ensure Security Contact Information is Registered Rule
This rule ensures that security contact information is properly registered for compliance.
| Rule | Ensure security contact information is registered |
| Framework | cis_v140 |
| Severity | ✔ Medium |
Ensure Security Contact Information is Registered for CIS v1.4.0
Overview
The CIS (Center for Internet Security) v1.4.0 standard recommends that all cloud accounts have a registered security contact. This ensures that if there’s a security issue or if the cloud provider needs to communicate urgently with the account owner, they can do so promptly. Keeping the security contact information up-to-date is crucial for the rapid response to any potential security incidents.
Rule Details
Description
- Objective: Maintain updated security contact information.
- Rationale: Facilitates prompt communication in case of security breaches or notifications.
- Compliance Standards:
- CIS Benchmark
- General Data Protection Regulation (GDPR), where applicable
Troubleshooting Steps
- 1.Check Contact Registration: Ensure that security contact information is present in your cloud service provider's account settings.
- 2.Verify Information Accuracy: Confirm that the contact information is accurate and updated.
- 3.Monitor Compliance: Regular audits should be conducted following this rule.
Necessary Steps and Codes
Azure
Checking Security Contact
- 1.Navigate to the Azure Portal.
- 2.Go to
.Security Center - 3.Click on
.Security Policy - 4.Select your Subscription.
- 5.Click on
.Contact Details
Updating Security Contact
# Log in to Azure CLI az login # Set the subscription context az account set --subscription "your_subscription_id" # Update the security contact az security contact create --name default --email "security_contact@email.com" --phone "phone_number" --alert-notifications on --alerts-admins on
Verification
# Verify the security contact az security contact list
AWS
Checking Security Contact
- 1.Sign in to the AWS Management Console.
- 2.Go to
.AWS Security Hub - 3.Click on
.Settings - 4.Navigate to
.Security Contacts
Updating Security Contact
# Use the AWS Command Line Interface # Get the current contacts aws securityhub describe-hub # Update the contact aws securityhub update-hub --input '{"Contacts": [{"Email": "security_contact@email.com", "PhoneNumber": "phone_number"}]}'
Verification
# Verify the updates have taken effect aws securityhub describe-hub
GCP
Checking Security Contact
- 1.Open the Google Cloud Console.
- 2.Navigate to
.IAM & Admin - 3.Click on
.Settings - 4.Look for the contact information section.
Updating Security Contact
# Use Google Cloud CLI (gcloud) # Update the security contact email gcloud beta security settings contacts create "security_contact@email.com" --security-contact-email
Verification
# Verify the contact has been updated gcloud beta security settings contacts list
Step by Step Guide for Remediation
General Steps
- 1.Log into your cloud provider's management console or CLI.
- 2.Locate the security contact information.
- 3.Verify current details and update them if necessary.
- 4.Save the changes and ensure you receive confirmation of the update.
- 5.Regularly revisit and verify the accuracy of the contact details.
Specific Commands
For specific CLI commands, refer to the sections above for AWS, Azure, and GCP.
Implementing this rule will help fortify your cloud environment's security posture and ensure compliance with CIS benchmarks. Properly following these guidelines will demonstrate to customers and stakeholders your commitment to security, potentially improving your SEO as users search for reliable and secure service providers. Remember that maintaining clear, concise, and up-to-date online procedures can significantly boost your visibility and credibility in an increasingly security-conscious digital landscape.