Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.194 Authorize device access to resources

This document contains the details of the security requirements related to the definition and management of foreign devices in the organization. This requirement establishes the importance of authorizing the access of foreign devices to inner resources in the facilities.

Requirement

The organization must determine what kind of foreign devices are allowed to consume inner resources.

References

  1. HIPAA Security Rules 164.310(d)(1): Device and Media Controls: Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.

  2. NIST 800-53 IA-3 Device identification and authentication: The information system uniquely identifies and authenticates organization-defined devices before establishing a local or remote network connection.


Service status - Terms of Use