This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system:
(a) Compares the internal information system clocks [FedRAMP Assignment: (M)(H) At least hourly] with [FedRAMP Assignment: (M)(H) http://tf.nist.gov/tf-cgi/servers.cgi]; and
(b) Synchronizes the internal system clocks to the authoritative time source when the time difference is greater than [Assignment: organization-defined time period].
AU-8 (1) Additional FedRAMP Requirements and Guidance: The service provider selects primary and secondary time servers used by the NIST Internet time service. The secondary server is selected from a different geographic region than the primary server.
AU-8 (1) Additional FedRAMP Requirements and Guidance: The service provider synchronizes the system clocks of network computers that run operating systems other than Windows to the Windows Server Domain Controller emulator or to the same time source for that server.
AU-8 (1) Additional FedRAMP Requirements and Guidance: Synchronization of system clocks improves the accuracy of log analysis.
NIST 800-53 (r4) Supplemental Guidance:
This control enhancement provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.
NIST 800-53 (r5) Discussion:
Withdrawn: Moved to SC-45(1).
38North Guidance:
Meets Minimum Requirement:
Part a. The Cloud Service Provider (CSP) configures the Cloud Service Offering (CSO) Network Time Protocol (NTP) server to synchronize time with the authoritative NIST Internet Time Servers (http://tf.nist.gov/tf-cgi/servers.cgi) at least hourly.
Part b. The CSO NTP server serves as the authoritative time source for all CSO server internal system clocks. The NTP server synchronizes with the NIST Internet Time Server when the time difference is greater than [organization-defined time period].
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Review the CSO audit and accountability policy and procedures to determine the [organization-defined time period] beyond which a time difference forces the CSO NTP server to synchronize to the NIST Internet Time Servers.
Review the CSO NTP server configuration settings to ensure the NTP server compares the NTP server clock with the NIST Internet Time Servers (http://tf.nist.gov/tf-cgi/servers.cgi) at least hourly.
Review the CSO NTP server configuration settings to determine how often the NTP server synchronizes time with the NIST Internet Time Servers.
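The configuration review above can be scripted. The following is an added example, not part of the original guidance: it assumes the CSO NTP server runs chrony, checks only explicit server lines, and treats the makestep threshold as the part b trigger. The hostnames and the org_defined_seconds parameter are placeholders.

```python
HOUR = 3600
CHRONY_DEFAULT_MAXPOLL = 10  # chrony default: 2**10 = 1024 s between polls

# Constructed sample; hostnames are placeholders, not entries from the NIST list.
SAMPLE_CONF = """\
# primary and secondary time sources
server time-primary.example iburst maxpoll 10
server time-secondary.example iburst maxpoll 12
makestep 1.0 3
"""


def audit_chrony(conf_text, org_defined_seconds):
    """Return findings for AU-8(1) parts a and b; an empty list means no issues.

    org_defined_seconds is a hypothetical parameter standing in for the
    [organization-defined time period] from the audit policy.
    """
    findings, sources, makestep = [], [], None
    for raw in conf_text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#!;%":  # chrony comment markers
            continue
        if fields[0] == "server" and len(fields) > 1:
            opts, maxpoll = fields[2:], CHRONY_DEFAULT_MAXPOLL
            if "maxpoll" in opts[:-1]:
                maxpoll = int(opts[opts.index("maxpoll") + 1])
            sources.append((fields[1], 2 ** maxpoll))
        elif fields[0] == "makestep" and len(fields) >= 3:
            makestep = float(fields[1])

    if len(sources) < 2:
        findings.append("fewer than two server lines: primary and secondary required")
    for host, interval in sources:
        if interval > HOUR:  # part a: compare at least hourly
            findings.append(f"{host}: maxpoll allows {interval}s between polls (> {HOUR}s)")
    # Part b (assumption): makestep's threshold is treated as the forced-sync trigger.
    if makestep is None:
        findings.append("no makestep directive: forced-sync threshold is undefined")
    elif makestep > org_defined_seconds:
        findings.append(f"makestep threshold {makestep}s exceeds {org_defined_seconds}s")
    return findings


if __name__ == "__main__":
    for finding in audit_chrony(SAMPLE_CONF, org_defined_seconds=1.0):
        print("FINDING:", finding)
```

A maxpoll of 12 permits 4096 seconds between polls, so the second sample server is flagged even though the rest of the configuration passes.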
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD