# Authentication & Access Monitors

Sprinto provides a comprehensive set of monitors to ensure your organisation enforces strong authentication and access control measures. These checks help validate that user identities are secured, access is tightly governed, and critical systems are protected against unauthorised entry.

This section covers monitors related to:

* Multi-Factor Authentication (MFA)
* Login protection mechanisms
* Auto account lockout
* Inactive user cleanup
* Access rules on critical systems

***

### Monitored Controls

#### Multi-Factor Authentication (MFA)

Sprinto verifies that MFA is enabled for users across all critical systems and cloud platforms. This includes checks for:

| Platform | Monitored Item |
| --- | --- |
| AWS | Root and IAM user MFA setup |
| GitHub | Individual and org-level MFA enforcement |
| Bitbucket | Personal and team MFA |
| Office365 / Azure | Conditional access with MFA enforcement |
| Google Workspace | Enforced MFA for all users |
| Okta | 2FA / MFA policy enabled |

**Monitor Actions**

* Integration-based auto check (where supported)
* Step-by-step remediation guides for enabling MFA
* Manual evidence upload if integration is not feasible

***

#### Login Protection & Lockout

Sprinto validates whether systems enforce secure login protection methods, including:

* Brute-force attack prevention
* Auto account lockout after failed attempts
* Password policy enforcement (length, complexity, expiry)

These monitors help detect vulnerabilities in authentication workflows and enforce corrective action.

***

#### Inactive User Cleanup

Inactive user credentials are a common attack vector. Sprinto includes monitors that:

* Identify stale users on AWS, Azure, and other platforms
* Check for users with active access but no recent activity
* Recommend disabling or removing unused accounts
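
The AWS root/IAM MFA check and the stale-user check described above can both be reproduced by hand from an IAM credential report. The following is an added example, not Sprinto's implementation; the 90-day threshold, the sample rows, and the names `audit`, `STALE_AFTER`, `SAMPLE_REPORT` and `SAMPLE_NOW` are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=90)  # assumed threshold; set it per your access policy
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed "now" for the sample

# Constructed sample: a trimmed IAM credential report (real reports carry more columns).
SAMPLE_REPORT = """\
user,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date
<root_account>,not_supported,2024-05-30T08:00:00+00:00,false,false,N/A
alice,true,2024-05-28T10:15:00+00:00,true,false,N/A
bob,true,2023-11-02T09:00:00+00:00,false,true,2023-12-01T12:00:00+00:00
ci-deploy,false,N/A,false,true,2024-05-31T23:00:00+00:00
carol,true,no_information,true,false,N/A
"""

def _parse(ts):
    """Return an aware datetime, or None for N/A, no_information, not_supported."""
    try:
        return datetime.fromisoformat(ts)
    except ValueError:
        return None

def audit(report_csv, now):
    """Return (user, finding) pairs: 'no_mfa' and/or 'stale'."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        # The root row reports password_enabled as not_supported but can always sign in.
        has_password = row["password_enabled"] == "true" or user == "<root_account>"
        has_key = row["access_key_1_active"] == "true"
        # MFA applies to console sign-in, so key-only users are not flagged here.
        if has_password and row["mfa_active"] != "true":
            findings.append((user, "no_mfa"))
        if not (has_password or has_key):
            continue  # no usable credential, so nothing can go stale
        used = [_parse(row["password_last_used"]) if has_password else None,
                _parse(row["access_key_1_last_used_date"]) if has_key else None]
        last = max((t for t in used if t), default=None)
        # Active credential that was never used, or not used within the threshold.
        if last is None or now - last > STALE_AFTER:
            findings.append((user, "stale"))
    return findings

if __name__ == "__main__":
    for user, finding in audit(SAMPLE_REPORT, SAMPLE_NOW):
        print(f"{user}: {finding}")
```

A newly created account that has not signed in yet is also reported as stale by this logic, so compare against `user_creation_time` in a full report before disabling anything.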

***

#### Access Rule Configuration

Sprinto checks if access control rules are implemented correctly on critical systems, such as:

* Access based on role or business need
* Least-privilege enforcement
* Login protection on infrastructure services
* Access review configurations for sensitive systems

***

### Remediation Workflow

Each failing monitor includes a resolution workflow with:

1. Summary of the issue
2. Recommended steps to configure the required control
3. Links to platform-specific setup guides (e.g., AWS IAM, GitHub MFA)
4. Option to upload proof (evidence) if automation is not available

All changes made on external platforms (e.g., enabling MFA) are detected by Sprinto in the next sync cycle.

***

### Best Practices

* Enforce MFA universally and monitor its configuration via integrations.
* Review access control monitors weekly to identify policy drift.
* Lock unused accounts regularly.
* Maintain a documented access review process.
