STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

AvePoint Compliance Guardian Security Technical Implementation Guide

Version

V1R1

Benchmark ID

AvePoint_Compliance_Guardian_STIG

Total Checks

10

Tags

other
CAT I: 2CAT II: 8CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (10)

V-256839MEDIUMCompliance Guardian must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.V-256840MEDIUMCompliance Guardian must initiate a session timeout after a 15-minute period of inactivity.V-256841HIGHCompliance Guardian must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.V-256842MEDIUMCompliance Guardian must provide automated mechanisms for supporting account management functions.V-256843MEDIUMCompliance Guardian must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.V-256844HIGHCompliance Guardian must use multifactor authentication for network access to privileged accounts.V-256845MEDIUMCompliance Guardian must control remote access methods.V-256846MEDIUMCompliance Guardian must accept FICAM-approved third-party credentials.V-256847MEDIUMCompliance Guardian must conform to FICAM-issued profiles.V-256848MEDIUMCompliance Guardian must only allow the use of DOD PKI established certificate authorities for verification of the establishment of protected sessions.