mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 06:04:56 +03:00
Identity Verification Implementation Plan Template
Project Information
| Field | Value |
|---|---|
| Project Name | |
| Organization | |
| Identity Provider | [Azure AD / Okta / Ping Identity] |
| User Population | |
| Target Completion | |
Current State Assessment
Identity Infrastructure
- Primary IdP:
- Secondary IdPs:
- Local Accounts: [Count and locations]
- Shared Accounts: [Count - target for elimination]
Current MFA State
| Method | Enabled | Users Enrolled | Phishing-Resistant |
|---|---|---|---|
| SMS OTP | | | No |
| Voice Call | | | No |
| TOTP App | | | No |
| Push Notification | | | No |
| FIDO2 Security Key | | | Yes |
| Windows Hello | | | Yes |
| Certificate/PIV | | | Yes |
MFA Enrollment Target
- Current enrollment rate: ___%
- Target enrollment rate: 100%
- Phishing-resistant target: 100%
Phishing-Resistant MFA Rollout Plan
Hardware Key Distribution
| User Group | Key Type | Quantity | Distribution Method | Timeline |
|---|---|---|---|---|
| Executive Leadership | YubiKey 5 NFC | | In-person | Week 1 |
| IT Administrators | YubiKey 5C | | IT distribution | Week 2 |
| All Employees | YubiKey Security Key | | Self-service + mail | Weeks 3-8 |
Enrollment Campaign
- Communication sent to all users
- Self-service portal configured
- Help desk trained on enrollment support
- Enrollment deadline set: ____
- Escalation path for non-compliant users
Conditional Access Policies
| Policy Name | Users | Apps | Conditions | Grant Controls | Session Controls |
|---|---|---|---|---|---|
| Block Legacy Auth | All | All | Legacy clients | Block | N/A |
| Require MFA | All | All | Any | Require MFA | Sign-in freq: 8hr |
| Require Compliant Device | All | Sensitive Apps | Any | Compliant device | App enforced |
| Block Risky Sign-In | All | All | High sign-in risk | Block | N/A |
| Require FIDO2 for Admins | Admin roles | Admin portals | Any | FIDO2 only | 1hr frequency |
Risk-Based Policies
| Risk Level | User Risk Response | Sign-In Risk Response |
|---|---|---|
| Low | Allow | Allow |
| Medium | Require MFA step-up | Require MFA step-up |
| High | Block + alert SOC | Block + alert SOC |
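The two tables above (Conditional Access Policies and Risk-Based Policies) can be expressed directly as Microsoft Graph `conditionalAccessPolicy` objects and then checked as a set, so that a later change to one policy (a disabled state, an extra exclusion, a weakened authentication strength) is caught before it reaches the tenant. The following is an added example, not code from the original template or from the repository it comes from. The object shape follows the Graph `POST /identity/conditionalAccess/policies` resource; the role template ID for Global Administrator is the well-known one, while the admin-portals app value, sensitive app IDs and break-glass account IDs are placeholders marked as assumed. Two practitioner points it bakes in: the baseline MFA policy excludes only the documented emergency-access accounts and the audit flags any other exclusion, and each risk level gets its own policy because multiple conditions inside one policy are ANDed, not ORed.

```python
"""Audit a Conditional Access plan expressed as Microsoft Graph
conditionalAccessPolicy objects. Added example; identifiers marked 'assumed'
are placeholders to replace with your tenant's values."""

GLOBAL_ADMIN_ROLE = "62e90394-69f5-4237-9190-012177145e10"  # Global Administrator role template id
ADMIN_PORTALS = "MicrosoftAdminPortals"                       # Graph value for the admin-portals app group (assumed)
LEGACY_CLIENTS = {"exchangeActiveSync", "other"}             # clientAppTypes values that carry legacy auth
PHISHING_RESISTANT = {"fido2", "windowsHelloForBusiness", "x509CertificateMultiFactor"}
SENSITIVE_APPS = ["hr-app-id", "finance-app-id"]             # placeholder app ids (assumed)
BREAK_GLASS = ["breakglass-1-id", "breakglass-2-id"]         # documented emergency-access accounts (assumed)


def policy(name, grant, *, users=("All",), roles=(), apps=("All",), exclude=(), conditions=None, session=None):
    """One policy in the shape POST /identity/conditionalAccess/policies accepts."""
    return {
        "displayName": name,
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": list(users), "includeRoles": list(roles), "excludeUsers": list(exclude)},
            "applications": {"includeApplications": list(apps)},
            "clientAppTypes": ["all"],
            **(conditions or {}),
        },
        "grantControls": {"operator": "OR", **grant},
        "sessionControls": session,
    }


def build_policies():
    """The rows of the plan's two policy tables, one Graph object per row."""
    return [
        policy("Block Legacy Auth", {"builtInControls": ["block"]},
               conditions={"clientAppTypes": sorted(LEGACY_CLIENTS)}),
        policy("Require MFA", {"builtInControls": ["mfa"]}, exclude=BREAK_GLASS,
               session={"signInFrequency": {"value": 8, "type": "hours", "isEnabled": True}}),
        policy("Require Compliant Device", {"builtInControls": ["compliantDevice"]}, apps=SENSITIVE_APPS,
               session={"applicationEnforcedRestrictions": {"isEnabled": True}}),
        policy("Block Risky Sign-In", {"builtInControls": ["block"]},
               conditions={"signInRiskLevels": ["high"]}),
        # Risk-based rows: one policy per condition, because conditions within a policy are ANDed.
        policy("Step-Up Medium Sign-In Risk", {"builtInControls": ["mfa"]},
               conditions={"signInRiskLevels": ["medium"]}),
        policy("Step-Up Medium User Risk", {"builtInControls": ["mfa"]},
               conditions={"userRiskLevels": ["medium"]}),
        policy("Block High User Risk", {"builtInControls": ["block"]},
               conditions={"userRiskLevels": ["high"]}),
        policy("Require FIDO2 for Admins",
               {"authenticationStrength": {"displayName": "FIDO2 only", "allowedCombinations": ["fido2"]}},
               users=(), roles=[GLOBAL_ADMIN_ROLE], apps=[ADMIN_PORTALS],
               session={"signInFrequency": {"value": 1, "type": "hours", "isEnabled": True}}),
    ]


def _hours(session):
    """Sign-in frequency in hours, or None when the control is absent or disabled."""
    sf = (session or {}).get("signInFrequency") or {}
    if not sf.get("isEnabled"):
        return None
    return sf["value"] * (24 if sf["type"] == "days" else 1)


def audit(policies):
    """Return the plan requirements the policy set does NOT enforce (empty list = plan satisfied)."""
    gaps = []
    live = [p for p in policies if p["state"] == "enabled"]  # report-only and disabled do not enforce

    def grants(p, control):
        return control in p["grantControls"].get("builtInControls", [])

    def everyone(p):
        c = p["conditions"]
        return c["users"]["includeUsers"] == ["All"] and c["applications"]["includeApplications"] == ["All"]

    if not any(everyone(p) and grants(p, "block")
               and LEGACY_CLIENTS <= set(p["conditions"]["clientAppTypes"]) for p in live):
        gaps.append("legacy authentication is not blocked for all users and apps")

    mfa = [p for p in live if everyone(p) and grants(p, "mfa") and p["conditions"]["clientAppTypes"] == ["all"]]
    if not any(_hours(p["sessionControls"]) is not None and _hours(p["sessionControls"]) <= 8 for p in mfa):
        gaps.append("no baseline MFA policy for all users and apps with sign-in frequency of 8h or less")
    for p in mfa:
        extra = set(p["conditions"]["users"]["excludeUsers"]) - set(BREAK_GLASS)
        if extra:
            gaps.append(f"{p['displayName']} excludes undocumented accounts: {sorted(extra)}")

    for app in SENSITIVE_APPS:
        if not any(grants(p, "compliantDevice") and app in p["conditions"]["applications"]["includeApplications"]
                   for p in live):
            gaps.append(f"sensitive app {app} does not require a compliant device")

    for field, level, control in [("signInRiskLevels", "medium", "mfa"), ("signInRiskLevels", "high", "block"),
                                  ("userRiskLevels", "medium", "mfa"), ("userRiskLevels", "high", "block")]:
        if not any(level in p["conditions"].get(field, []) and grants(p, control) for p in live):
            gaps.append(f"{level} {field} is not answered with {control}")

    admin_ok = False
    for p in live:
        if GLOBAL_ADMIN_ROLE not in p["conditions"]["users"]["includeRoles"]:
            continue
        combos = set(p["grantControls"].get("authenticationStrength", {}).get("allowedCombinations", []))
        h = _hours(p["sessionControls"])
        if combos and combos <= PHISHING_RESISTANT and h is not None and h <= 1:
            admin_ok = True
    if not admin_ok:
        gaps.append("admin roles lack a phishing-resistant-only authentication strength with 1h sign-in frequency")
    return gaps


if __name__ == "__main__":
    print(audit(build_policies()) or "plan satisfied")
```

Feed `audit()` the output of `GET /identity/conditionalAccess/policies` (after mapping your real app and account IDs into the constants) to re-check the tenant on a schedule; a non-empty result is a drift from the plan, not a pass.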
Identity Governance
Lifecycle Automation
- HR system integrated for joiner/mover/leaver
- Automatic provisioning on hire
- Role change triggers access review
- Automatic deprovisioning on termination
- Contractor access expiration configured
Access Reviews
- Frequency: Quarterly
- Scope: All application assignments
- Reviewers: Direct managers
- Auto-action on non-response: Revoke access
Monitoring and Detection
| Capability | Tool | Status |
|---|---|---|
| Sign-in log analysis | SIEM (Splunk/Sentinel) | |
| Identity threat detection | Entra ID Protection / ThreatInsight | |
| Impossible travel detection | IdP + UEBA | |
| Continuous Access Evaluation | CAE/CAEP | |
| Behavioral analytics | UEBA platform | |
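The "Impossible travel detection" row above names the technique but not the arithmetic behind it. As an added example (not code from the original template or its repository), the following runs that check over a handful of constructed sign-in records shaped like the Microsoft Graph `signIn` resource: it keeps only successful sign-ins with geo-coordinates, orders each user's events, and flags consecutive pairs whose implied ground speed exceeds a threshold. The 900 km/h threshold, the 100 km distance floor and the one-minute interval floor are assumptions to tune; the records are not real log data.

```python
"""Impossible-travel detection over Entra-style sign-in records.
Added example; the records below are constructed, not real log data. Field
names follow the Microsoft Graph signIn resource (userPrincipalName,
createdDateTime, ipAddress, status.errorCode, location.geoCoordinates)."""
import math
from datetime import datetime

MAX_SPEED_KMH = 900      # faster than a scheduled flight; assumed threshold, tune per tenant
MIN_INTERVAL_H = 1 / 60  # floor on the time gap so near-simultaneous sign-ins do not divide by zero
MIN_DISTANCE_KM = 100    # ignore geo-IP jitter inside one metro area

SIGNINS = [  # constructed sample, not real log data
    {"userPrincipalName": "alice@example.com", "createdDateTime": "2024-03-01T08:00:00Z",
     "ipAddress": "203.0.113.10", "status": {"errorCode": 0},
     "location": {"countryOrRegion": "GB", "geoCoordinates": {"latitude": 51.5074, "longitude": -0.1278}}},
    {"userPrincipalName": "alice@example.com", "createdDateTime": "2024-03-01T09:30:00Z",
     "ipAddress": "198.51.100.7", "status": {"errorCode": 0},
     "location": {"countryOrRegion": "US", "geoCoordinates": {"latitude": 40.7128, "longitude": -74.0060}}},
    {"userPrincipalName": "bob@example.com", "createdDateTime": "2024-03-01T08:00:00Z",
     "ipAddress": "203.0.113.11", "status": {"errorCode": 0},
     "location": {"countryOrRegion": "GB", "geoCoordinates": {"latitude": 51.5074, "longitude": -0.1278}}},
    {"userPrincipalName": "bob@example.com", "createdDateTime": "2024-03-01T18:00:00Z",
     "ipAddress": "203.0.113.12", "status": {"errorCode": 0},
     "location": {"countryOrRegion": "FR", "geoCoordinates": {"latitude": 48.8566, "longitude": 2.3522}}},
    {"userPrincipalName": "carol@example.com", "createdDateTime": "2024-03-01T10:00:00Z",
     "ipAddress": "203.0.113.13", "status": {"errorCode": 50126},  # failed sign-in: skipped
     "location": {"countryOrRegion": "BR", "geoCoordinates": {"latitude": -23.5505, "longitude": -46.6333}}},
    {"userPrincipalName": "carol@example.com", "createdDateTime": "2024-03-01T10:05:00Z",
     "ipAddress": "203.0.113.14", "status": {"errorCode": 0},
     "location": {"countryOrRegion": "DE", "geoCoordinates": {"latitude": 52.52, "longitude": 13.405}}},
    {"userPrincipalName": "dave@example.com", "createdDateTime": "2024-03-01T11:00:00Z",
     "ipAddress": "10.0.0.5", "status": {"errorCode": 0},
     "location": {"countryOrRegion": None, "geoCoordinates": None}},  # no geo: skipped
]


def haversine_km(a, b):
    """Great-circle distance in km between two {latitude, longitude} points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a["latitude"], a["longitude"], b["latitude"], b["longitude"]))
    h = math.sin((lat2 - lat1) / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def _when(rec):
    return datetime.fromisoformat(rec["createdDateTime"].replace("Z", "+00:00"))


def detect_impossible_travel(signins, max_speed_kmh=MAX_SPEED_KMH):
    """Return one alert per consecutive pair of successful sign-ins by the same
    user whose implied ground speed exceeds max_speed_kmh."""
    by_user = {}
    for rec in signins:
        if rec.get("status", {}).get("errorCode", 0) != 0:
            continue  # failed attempts do not place the user anywhere
        geo = (rec.get("location") or {}).get("geoCoordinates")
        if not geo:
            continue  # no coordinates (private range, anonymiser): nothing to compare
        by_user.setdefault(rec["userPrincipalName"], []).append(rec)

    alerts = []
    for user, events in by_user.items():
        events.sort(key=_when)
        for prev, cur in zip(events, events[1:]):
            km = haversine_km(prev["location"]["geoCoordinates"], cur["location"]["geoCoordinates"])
            if km < MIN_DISTANCE_KM:
                continue
            hours = max((_when(cur) - _when(prev)).total_seconds() / 3600, MIN_INTERVAL_H)
            kmh = km / hours
            if kmh > max_speed_kmh:
                alerts.append({"user": user,
                               "from": prev["location"]["countryOrRegion"], "to": cur["location"]["countryOrRegion"],
                               "from_ip": prev["ipAddress"], "to_ip": cur["ipAddress"],
                               "km": round(km), "hours": round(hours, 2), "kmh": round(kmh)})
    return alerts


if __name__ == "__main__":
    for a in detect_impossible_travel(SIGNINS):
        print(f"{a['user']}: {a['from']} -> {a['to']} {a['km']} km in {a['hours']} h ({a['kmh']} km/h)")
```

On the sample, only alice trips the rule (London to New York in 90 minutes); bob's London to Paris over ten hours and carol's failed Brazilian attempt followed by a German success do not. In production the main false-positive source is corporate VPN or cloud-proxy egress, whose geo-IP location jumps between data centres; allowlist known egress addresses before the pair comparison, or route the alerts into the UEBA platform listed above rather than paging on them directly.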
Sign-Off
| Stakeholder | Role | Approval | Date |
|---|---|---|---|
| CISO | | | |
| Identity Team Lead | | | |
| Help Desk Manager | | | |
| HR Systems | | | |