363 – Synchronize system clocks

Summary

Critical systems must have synchronized clocks whose configuration is protected and comes from industry-accepted sources.

Description

Systems must properly record exceptional and security events in protected logs. This allows administrators to find bugs and makes it easier for forensics teams to determine how a system was compromised. However, if clocks are not properly synchronized, it can be very difficult to compare log files from different systems in order to establish the event sequence that led to the security incident.

Supported In

Advanced: True

References

• CIS-8_4. Standardize time synchronization
• AGILE-11. Best architectures, requirements, and designs
• NYDFS-500_16. Incident response plan
• CMMC-AU_L2-3_3_7. Authoritative time source
• HITRUST-09_af. Clock synchronization
• FEDRAMP-AU-8_1. Synchronization with authoritative time source
• ISO27002-8_17. Clock synchronization
• PCI-10_6_1. System clocks and time are synchronized
• SIG-G_4. Operations management
• ISO27001-8_17. Clock synchronization
• RESOLSB-Art_27_16. Security in Electronic Channels

Last updated

2023/09/18