CIS Control 6 Compliance

Access Control Management

What is CIS Control 6?

CIS Control 6: Access Control Management ensures that only authorized individuals can access systems, data, and applications.

It enforces the principle of least privilege, verifies user identities, and manages account lifecycles to reduce the risk of unauthorized access.

Key CIS Control 6 requirements:

  • Establish and enforce role-based access.
  • Require strong authentication, including MFA, for all users.
  • Limit privileges to the minimum required for each role.
  • Review and update user accounts regularly.
  • Monitor and audit access to sensitive systems and data.

How Visual Guard facilitates CIS Control 6 compliance:

Role-based access control (RBAC):

Assign rights based on business roles, with fine-grained policies down to application functions and data.

Multi-factor authentication (MFA):

Secure logins using MFA methods such as OTP, biometrics, and smart cards.

User lifecycle management:

Automate provisioning, updates, and revocation of user accounts through directory integration.

Audit and traceability:

Log every access attempt and user action for compliance and investigation purposes.

Access review tools:

Support periodic review of user rights to maintain least-privilege access.

Detailed technical capabilities

Identity & Access Management

  • Centralized IAM with directory synchronization
  • Granular RBAC at screen, field, and function level

Authentication Security

  • MFA across cloud and on-premise applications

Audit & Monitoring

  • Immutable, exportable access logs
  • Real-time anomaly detection and alerts

Use case

Controlling privileged access in healthcare systems

A hospital must restrict access to patient records while complying with CIS and healthcare data protection regulations.

How Visual Guard helped:

  • Enforced RBAC to limit access to patient data by role.
  • Required MFA for all staff accessing critical systems.
  • Provided audit logs to support healthcare compliance requirements.

Result: The hospital reduced insider risks, secured patient data, and demonstrated compliance with CIS Control 6.