FedRAMP Wireless Access AC-18

Overview:
The organization:
a. Establishes usage restrictions, configuration/connection requirements, and implementation guidance for wireless access; and
b. Authorizes wireless access to the information system prior to allowing such connections.

Supplemental Guidance:
Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication.

Related Controls:>/b> AC-2, AC-3, AC-17, AC-19, CA-3, CA-7, CM-8, IA-2, IA-3, IA-8, PL-4, SI-4.

References:>/b> NIST Special Publications 800-48, 800-94, 800-97.

Action Items:
1) Ensure security requirements and implementation requirements exists for wireless connectivity
2) Ensure all wireless access is authorized

Related Documents:
1) Access Control Policy
2) Network Security Policy
3) Wireless Security Policy

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none