ISO/IEC 27001 Control 8.7: Protection against malware

Control

Protection against malware should be implemented and supported by appropriate user awareness.

Necessity of MidPoint

MidPoint's contribution to the implementation of this control is marginal.

Implementation of the control is mostly outside the scope of identity governance and administration (IGA), so midPoint cannot provide a significant advantage. However, midPoint can still provide minor supporting information and functionality.

Implementation Overview

MidPoint has a couple of supporting functions for malware protection.

Implementation Details

MidPoint can maintain an inventory of applications and of the service accounts associated with those applications.

Management of application service accounts as non-human identities can be used to isolate environments or affected applications in the event of a malware infection. Moreover, management of service accounts enables application of the minimum access principle for applications (a.k.a. "zero trust"), creating natural boundaries for malware spread.

MidPoint acts as a natural backup of user databases, one which is always up to date. If an application needs to be reset or restored due to a malware incident, midPoint can quickly restore user access to the application.

The role-based access control (RBAC) mechanism in midPoint can be used to manage the privilege to temporarily or permanently disable malware protection, driving assignment of that privilege through an appropriate approval process, including records of review and documented justification.

Rationale

While midPoint cannot provide any direct malware detection functionality, there are a couple of supporting features that improve malware protection mechanisms.
