NIST 800-171 - Remote Maintenance (3.7.5)
Overview:
Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.
Action Items:
3.7.5[a]
Determine if: multifactor authentication is used to establish nonlocal maintenance sessions via external network connections.
3.7.5[b]
Determine if: nonlocal maintenance sessions established via external network connections are terminated when nonlocal maintenance is complete.
POTENTIAL ASSESSMENT METHODS AND OBJECTS
1) Examine: System maintenance policy; procedures addressing nonlocal system maintenance; system security plan; system design documentation; system configuration settings and associated documentation; maintenance records; diagnostic records; other relevant documents or records.
2) Interview: Personnel with system maintenance responsibilities; personnel with information security responsibilities; system or network administrators.
3) Test: Organizational processes for managing nonlocal maintenance; mechanisms implementing, supporting, and managing nonlocal maintenance; mechanisms for strong authentication of nonlocal maintenance diagnostic sessions; mechanisms for terminating nonlocal maintenance sessions and network connections.
Related Documents (document name and content will vary by organization):
1) System maintenance policy
2) procedures addressing nonlocal system maintenance
3) system security plan
4) system design documentation
5) system configuration settings and associated documentation
6) maintenance records
7) diagnostic records
8) other relevant documents or records
Additional Guidance:
Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through an external network. Authentication techniques used in the establishment of these nonlocal maintenance and diagnostic sessions reflect the network access requirements in 3.5.3.