Mechanisms exist to utilize Cloud Access Points (CAPs) to provide boundary protection and monitoring functions that both provide access to the cloud and protect the organization from the cloud.
Mechanisms exist to prevent "side channel attacks" when using a Content Delivery Network (CDN) by restricting access to the origin server's IP address to the CDN and an authorized management network.
Mechanisms exist to specify applicable cybersecurity & data protection controls that must be implemented on external systems, consistent with the contractual obligations established with the External Service Providers (ESP) owning, operating and/or maintaining external systems, applications and/or services.
Mechanisms exist to authorize specified individuals to access External Service Providers (ESP) owned, operated and/or maintained external systems, applications and/or services.
Mechanisms exist to define formal processes to store, process and/or transmit sensitive/regulated data using External Service Providers (ESP) owned, operated and/or maintained external systems, applications and/or services , in accordance with all applicable statutory, regulatory and/or contractual obligations.
Mechanisms exist to prohibit access to, or usage of, hosted systems, applications and/or services until applicable cybersecurity & data protection control implementation is verified.
Mechanisms exist to facilitate the identification and implementation of relevant statutory, regulatory and contractual controls.
Mechanisms exist to document and review instances of non-compliance with statutory, regulatory and/or contractual obligations to develop appropriate risk mitigation actions.
Mechanisms exist to document and validate the scope of cybersecurity & data privacy controls that are determined to meet statutory, regulatory and/or contractual compliance obligations.
Mechanisms exist to provide a cybersecurity & data protection controls oversight function that reports to the organization's executive leadership.
Passcode