This webinar provided a second, more in-depth discussion of the implications of CAN-0017, which pertains to CIP 007-3 R5 Account Management. This CAN has wide-ranging TFE-related implications for a vast majority of Cyber Assets that are subject to NERC CIP compliance requirements. Devices and applications need to be able to fully enforce, through technical controls, NERC CIP password complexity requirements (R5.3.1 and R5.3.2), or any shortcomings must be documented with a TFE request.
Topics addressed during this webinar include:
- Introduction and Background
- Windows as an Example
- Documenting Technical Enforcement Mechanisms
- Technical Enforcement Issues
- Steps to Success
Downloads
Presentation materials and transcribed questions & Encari’s responses are available herein for download.
2.23.12 Webinar Slides
2.23.12 Webinar Questions and Answers
The post “NERC CAN-0017 Successful Strategies for Technical Enforcement of Password Policies” on 2/23/12 appeared first on Encari LLC.