Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us

REQ.194 Authorize device access to resources

This document contains the details of the security requirements related to the definition and management of foreign devices in the organization. This requirement establishes the importance of authorizing the access of foreign devices to inner resources in the facilities.


The organization must determine what kind of foreign devices are allowed to consume inner resources.


  1. HIPAA Security Rules 164.310(d)(1): Device and Media Controls: Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.

  2. NIST 800-53 IA-3 Device identification and authentication: The information system uniquely identifies and authenticates organization-defined devices before establishing a local or remote network connection.

Service status - Terms of Use