Detection

EUCSEC07: How do you monitor and track access to EUC environment?

Logging successful and unsuccessful access attempts to EUC instances and applications is a key practice for the secure delivery of end user applications. The logs can be used for troubleshooting purposes but also to audit access patterns and identify malicious behaviours.

EUCSEC08: How do you protect EUC endpoints from malicious software?

The ongoing logging of user activity and the associated analysis of those logs helps you detect unexpected behavior as anomalies that deviate away from the standard baseline behaviors.

EUCSEC09: How do you detect unexpected or unwanted configuration changes to end user applications?

Many organizations have security policies that require ongoing adherence to the base line security posture determined for systems delivering applications and desktops to users. They may also require that the security posture is not deviated away over time due to configuration drift.

Best practices

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

EUCSEC06 BP02 Strengthen SAML federation to reduce security risks

EUCSEC07-BP01 Monitor user access to EUC instances and aggregate logs in central location