PR.AA-01.196

Does your organization use unique device identifiers based on immutable hardware characteristics or secure provisioning methods?

Explanation

Unique device identifiers are crucial for device authentication, inventory management, and security monitoring. These identifiers should be either based on immutable hardware characteristics (like MAC addresses, CPU IDs, or hardware serial numbers) or securely provisioned to the device during manufacturing or initialization (such as TPM-based identifiers or cryptographic certificates).

As evidence, you could provide documentation of your device identification scheme, including the source of identifiers (hardware-based or provisioned), how they are assigned and tracked, and how these identifiers are protected from tampering or spoofing. This might include device enrollment procedures, inventory management system screenshots showing unique identifiers, or technical specifications for your device provisioning process.

Implementation Example

Select a unique identifier for each device from immutable hardware characteristics or an identifier securely provisioned to the device
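One way to check an inventory export against this requirement, as an added example that is not part of the original page: it flags identifiers that are not unique, MAC addresses with the locally administered bit set (software-assigned rather than burned in), and serial fields that still hold a firmware placeholder. The record layout, device names, identifiers and placeholder list are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample inventory export (hypothetical devices and identifiers).
INVENTORY = [
    {"device": "laptop-01", "id_type": "mac", "identifier": "00:1A:2B:10:20:30"},
    {"device": "laptop-02", "id_type": "mac", "identifier": "00-1a-2b-10-20-30"},
    {"device": "phone-07", "id_type": "mac", "identifier": "DA:A1:19:00:11:22"},
    {"device": "kiosk-03", "id_type": "serial", "identifier": "To Be Filled By O.E.M."},
    {"device": "server-11", "id_type": "serial", "identifier": "SN-EXAMPLE-0011"},
]

# Assumed list of placeholder strings that firmware reports when no real
# serial number was written at manufacturing time.
PLACEHOLDER_SERIALS = {"", "0", "none", "default string",
                       "to be filled by o.e.m.", "system serial number"}


def normalize(id_type, value):
    """Canonical form so the same identifier written two ways compares equal."""
    value = value.strip().lower()
    if id_type == "mac":
        value = re.sub(r"[^0-9a-f]", "", value)  # drop ':' and '-' separators
    return value


def audit(inventory):
    """Return (device, finding) pairs for identifiers that fail the control."""
    rows = [(r["device"], r["id_type"], normalize(r["id_type"], r["identifier"]))
            for r in inventory]
    seen = Counter((id_type, value) for _, id_type, value in rows)
    findings = []
    for device, id_type, value in rows:
        if seen[(id_type, value)] > 1:
            findings.append((device, "duplicate"))
        if id_type == "mac":
            if len(value) != 12:
                findings.append((device, "malformed-mac"))
            elif int(value[:2], 16) & 0x02:
                # U/L bit set: address was assigned in software, not by the vendor.
                findings.append((device, "locally-administered-mac"))
        elif id_type == "serial" and value in PLACEHOLDER_SERIALS:
            findings.append((device, "placeholder-serial"))
    return findings


if __name__ == "__main__":
    for device, finding in audit(INVENTORY):
        print(f"{device}: {finding}")
```
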

ID: PR.AA-01.196

Context

Function
PR: PROTECT
Category
PR.AA: Identity Management, Authentication, and Access Control
Sub-Category
Identities and credentials for authorized users, services, and hardware are managed by the organization
