Authentication and Separation of Maintenance Sessions from NIST 800-53 v5 framework

SAMMY works best on screens 1024px wide or larger.

Access Control
Awareness and Training
Audit and Accountability
Assessment, Auithorization and Monitoring
Configuration Management
Contingency Planning
Identification and Authentication
Incident Response
Maintenance
Media Protection
Physical and Environmental Protection
Planning
Program Management
Personnel Security
Personally Identifiable Information Processing and Transparency
Risk Assessment
System and Services Acquisition
System and Communications Protection
System and Information Integrity
Supply Chain Risk Management

MA-4(4): Authentication and Separation of Maintenance Sessions

Authentication and Separation of Maintenance Sessions

MA-4(4): Authentication and Separation of Maintenance Sessions

Protect nonlocal maintenance sessions by:
(a) Employing [Assignment: organization-defined authenticators that are replay resistant]; and
(b) Separating the maintenance sessions from other network sessions with the system by either:
(1) Physically separated communications paths; or
(2) Logically separated communications paths.

Description

Communications paths can be logically separated using encryption.