CylanceON-PREM must be configured with only one local Role to be used by the account of last resort in the event the authentication server is unavailable.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-272633 | SRG-APP-000233 | CYLN-OP-000510 | SV-272633r1113481_rule | 2025-06-11 | 1 |
Description
CylanceON-PREM uses a third-party identity provider (IDP) for access. The use of a "break glass" account is a critical failsafe measure for emergency situations where normal administrative access is unavailable.
ℹ️ Check
Verify only Administrator (break-glass user) role is local.
1. Log in to the admin console.
2. Navigate to ACCESS MANAGEMENT >> Role Management.
3. Observe the list of Roles.
If any Roles other than break-glass/Admin Role exist, this is a finding.
✔️ Fix
Remove any local Roles except for Administrator (break-glass user role). Administrator privileges are required.
1. Log in to the admin console.
2. Navigate to ACCESS MANAGEMENT >> Role Management.
3. Under "Action", click the trashcan icon.
(Note: If users are associated with the Role, the trash can icon will not exist. The user will need to be deleted first. CYLN-OP-000685)
4. Click "Remove Role".