R199. Authorize foreign devices access

Requirement

The organization must determine services, time and personnel allowed to access to inner resources using foreign devices.

References

  1. HIPAA Security Rules 164.310(d)(1): Device and Media Controls: Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.

  2. NIST 800-53 IA-3 Device identification and authentication: The information system uniquely identifies and authenticates organization-defined devices before establishing a local or remote network connection.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy