Restrict File and Directory Permissions

Restrict access by setting directory and file permissions that are not specific to users or privileged accounts.

ID: M0922

Security Controls: IEC 62443-3-3:2013 - SR 2.1, IEC 62443-4-2:2019 - CR 2.1, NIST SP 800-53 Rev. 5 - AC-6

Version: 1.0

Created: 06 June 2019

Last Modified: 20 September 2023

Live Version

Techniques Addressed by Mitigation

Domain	ID	Name	Use
ICS	T0809	Data Destruction	Protect files stored locally with proper permissions to limit opportunities for adversaries to impact data storage. ^[1]
ICS	T0811	Data from Information Repositories	Protect files with proper permissions to limit opportunities for adversaries to interact and collect information from databases. ^[2] ^[1]
ICS	T0893	Data from Local System	Protect files stored locally with proper permissions to limit opportunities for adversaries to interact and collect information from the local system. ^[2] ^[1]
ICS	T0872	Indicator Removal on Host	Protect files stored locally with proper permissions to limit opportunities for adversaries to remove indicators of their activity on the system. ^[2] ^[1]
ICS	T0849	Masquerading	Use file system access controls to protect system and application folders.
ICS	T0873	Project File Infection	Ensure permissions restrict project file access to only engineer and technician user groups and accounts.
ICS	T0881	Service Stop	Ensure proper process and file permissions are in place to inhibit adversaries from disabling or interfering with critical services.
ICS	T0882	Theft of Operational Information	Protect files stored locally with proper permissions to limit opportunities for adversaries to interact and collect information from databases. ^[2] ^[1]