IT Security - Chathura Ariyadasa (He/Him/His)

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to the CSA best practices, that is considered the de-facto standard for cloud security and privacy. The accompanying questionnaire, CAIQ, provides a set of “yes or no” questions based on the security controls in the CCM.

You can now download the CCM and CAIQ together.

These 2 files consist of all required documentation.

CCM v4
Mappings
CAIQ v4
STAR Level 1: Security Questionnaire (CAIQ v4)
Implementation Guidelines
Auditing Guidelines

Mappings enable you to connect the dots if you are already Compliant with other major Compliance standards.

ISO/IEC 27001/27002/27017/27018
CCM V3.0.1
AICPA TSC
CIS Controls V8
NIST 800-53r5
PCI DSSv3.2.1

[source: cloudsecurityalliance.org]

Recently, I had to create a Wiki site. So consideriing all the features, my selection was Dokuwiki. Before the go live, I had to secure the Wiki site. My primary concern was MFA (Multi Factor Authentication). I faced some issues while configuring the MFA. So, I thought of sharing this with you. Let’s see how we can enable MFA.

Using the DokuWiki extension manager, install Attribute Plugin
Then, install Two Factor Authentication – Core Plugin
Finally, you may install any of the plugings based on your requirement [Email Plugin | Google Auth. | SMS].
After installing the plugins, you may need to access Admin section
In Admin section, scroll down to “Twofactor” section and enable two factor auth.

Make sure to slect “Mandatory” as no one can bypass the MFA

Then, you need to enable Google Auth. plugin as below

Finally, you may verify the MFA by running Enrollment wizard and re login

As you can see, I can not login to the system without providing the configured MFA.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
__cfduid	1 month	The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Tag: IT Security

What is CSA Cloud Controls Matrix (CCM)

How to enable MFA in Dokuwiki