Young hacker smiling

We hack your software

zero false positives

Expert intelligence + effective automation

REQ.257 Access based on user credentials

This document contains the details of the security requirements related to the definition and management of logical networks in the organization. This requirement establishes the importance of defining an access model based on organizational user credentials.

Requirement

Physical access to the network for users must be assigned based on organizational user credentials (e.g. NAC 802,1x).

References

  1. HIPAA Security Rules 164.312(e)(1): Transmission Security: Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

  2. NIST 800-53 IA-2 Identification and authentication: The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).


Service status - Terms of Use