E.3.2 Environmental separation

Control Details

Objective

Separate and protect each environment involved in software development (e.g., development, build, test, deployment, model training).

Definition

Use network segmentation and access control to separate each environment involved in software development (e.g., endpoints, development, build, test, deployment, model training) and protect it from internal and external threats. Remote access to the build environment should be rare, logged, and require multi-party approval. Log and monitor all access, particularly privileged access. Configure each environment's hosting infrastructure following a zero-trust architecture.
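The expectations this definition places on the build environment (remote access is rare, logged, and multi-party approved; privileged access is monitored) can be checked mechanically against the access log rather than only by interview. The script below is an added example written for this page, not code from the source framework; the one-JSON-record-per-session log format, its field names (ts, user, env, privileged, approvers, ticket), the thresholds and the sample records are all constructed assumptions. It flags sessions whose approval set has fewer than two approvers other than the requester (self-approval does not count), every privileged session for review, and any user whose build-environment session count in a window exceeds what the organisation considers "rare".

```python
import json
from datetime import datetime, timedelta

# Constructed sample log: one JSON record per remote session into an environment.
# The schema is an assumption for this example, not a real product's log format.
SAMPLE_LOG = """\
{"ts": "2024-03-01T09:12:00Z", "user": "alice", "env": "build", "privileged": false, "approvers": ["bob", "carol"], "ticket": "CHG-101"}
{"ts": "2024-03-01T10:05:00Z", "user": "dave", "env": "build", "privileged": true, "approvers": ["dave"], "ticket": "CHG-102"}
{"ts": "2024-03-01T11:40:00Z", "user": "erin", "env": "build", "privileged": false, "approvers": ["bob"], "ticket": "CHG-103"}
{"ts": "2024-03-01T12:00:00Z", "user": "alice", "env": "dev", "privileged": true, "approvers": [], "ticket": ""}
{"ts": "2024-03-02T08:00:00Z", "user": "erin", "env": "build", "privileged": true, "approvers": ["bob", "carol"], "ticket": "CHG-104"}
{"ts": "2024-03-02T09:00:00Z", "user": "erin", "env": "build", "privileged": false, "approvers": ["bob", "carol"], "ticket": "CHG-105"}
{"ts": "2024-03-02T10:00:00Z", "user": "erin", "env": "build", "privileged": false, "approvers": ["bob", "carol"], "ticket": "CHG-106"}
"""

# Policy thresholds: assumed values, tune to the organisation's own definition of "rare".
MIN_APPROVERS = 2                 # independent approvers required per build session
RARE_LIMIT = 2                    # more build sessions than this per user per window is "not rare"
WINDOW = timedelta(days=7)


def parse_log(text):
    """Parse newline-delimited JSON session records; timestamps become datetimes."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(event)
    return events


def audit_build_access(events, min_approvers=MIN_APPROVERS, rare_limit=RARE_LIMIT, window=WINDOW):
    """Return findings for build-environment sessions that miss the control's expectations."""
    findings = []
    build = sorted((e for e in events if e["env"] == "build"), key=lambda e: e["ts"])

    for e in build:
        # Approval must come from people other than the requester.
        independent = {a for a in e["approvers"] if a != e["user"]}
        if len(independent) < min_approvers:
            findings.append({"kind": "approval", "user": e["user"], "ticket": e["ticket"] or "<none>",
                             "detail": f"{len(independent)} independent approver(s), need {min_approvers}"})
        # Privileged sessions are always surfaced for review, even when properly approved.
        if e["privileged"]:
            findings.append({"kind": "privileged", "user": e["user"], "ticket": e["ticket"] or "<none>",
                             "detail": "privileged session to build environment"})

    # Rarity: sliding window over each user's session timestamps.
    per_user = {}
    for e in build:
        per_user.setdefault(e["user"], []).append(e["ts"])
    for user, stamps in per_user.items():
        start = 0
        for end in range(len(stamps)):
            while stamps[end] - stamps[start] > window:
                start += 1
            if end - start + 1 > rare_limit:
                findings.append({"kind": "frequency", "user": user, "ticket": "<n/a>",
                                 "detail": f"{end - start + 1} build sessions within {window.days} days"})
                break
    return findings


def summarize(findings):
    """Count findings per kind, for a quick dashboard or assessment answer."""
    counts = {}
    for f in findings:
        counts[f["kind"]] = counts.get(f["kind"], 0) + 1
    return counts


if __name__ == "__main__":
    results = audit_build_access(parse_log(SAMPLE_LOG))
    for f in results:
        print(f"[{f['kind']}] user={f['user']} ticket={f['ticket']}: {f['detail']}")
    print(summarize(results))
```

Sessions into other environments (the "dev" record above) are deliberately left out of the build audit; the same function can be run per environment with thresholds appropriate to it. The rarity check breaks at the first window that exceeds the limit, so it reports one finding per user rather than one per excess session.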

Assessment Questions

  1. How are the environments involved in software development (e.g., endpoints, development, build, test, model training, deployment) separated, and how is physical and remote access to the build environment restricted?
  2. How is access logged?
  3. How are approvals arranged for access to the build environment?
  4. How are the build environment workstations held to a security standard, e.g. up-to-date patches, anti-virus definitions, etc.?

Reference sources

  1. EO 4e(i)(A) 4e(i)(B) 4e(i)(C) 4e(i)(D) 4e(i)(E) 4e(i)(F) 4e(ii) 4e(iii) 4e(v) 4e(vi)
  2. SSDF PO.5.1 PO.5.2
  3. SSDF-AI PO.5.1
  4. BSIMM SE3.10
  5. 800-161 SA-8 SA-15
  6. CNCF-SSC D-V Air-gapped deployment
  7. Self-attestation 1a 1b 1c 1d 1e 1f 2 3
  8. SAMM O-EM-2-A O-OM-2-A I-SD-1-B O-IM-2-A O-EM-2-B I-SB-2-A G-PC-1-A