Least Privilege. Assignment of permissions and capabilities must be narrowly tailored and follow the Principle of Least Privilege. Each individual, Role, and account may have only the minimum level of access required to perform their authorized function. For example, a normal desktop user should not have administrator-level access on their machine and should not be able to change basic system settings or install new software; similarly, a web application should not be run with administrator rights (or root in the Linux/Unix context) to the operating systems on which it runs. At a minimum, Information Resources must have the following separate Roles and associated Accounts defined by EOTSS standard IS.003 Access Management:
a. User Account
b. System (or Application) Account
c. Service Account
d. Administrator (or Root) Account
e. Firecall (or breakglass/emergency recovery) Account
Sources: Primary Care Accountable Care Organization Contract, Primary Care Accountable Care Organization Contract, Primary Care Accountable Care Organization Contract