Use a reliable time source across all relevant information processing systems.
Synchronizing system clocks enables proper coordination between systems and facilitates tracing and the reconstitution of activity timelines. Potential implementation guidance can be derived from the NIST Internet Time Servers overview (see https://tf.nist.gov/tf-cgi/servers.cgi). Also, the following concepts should be considered:
- Critical systems have the correct and consistent time.
- Time is synchronized across all systems.
- Time data is protected.
- Time settings are received from industry-accepted time sources.
- Examine policy that establishes the time scale and epoch, or traceability, of time across systems.
- Evaluate the process that ensures synchronization of time on relevant systems.
[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]
Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.