Overview:
The information system routes all remote accesses through [Assignment: organization-defined number] managed network access control points.
Supplemental Guidance:
Limiting the number of access control points for remote accesses reduces the attack surface for organizations. Organizations consider the Trusted Internet Connections (TIC) initiative requirements for external network connections.
Related Controls: SC-7
Action Items:
1) Ensure all remote access is routed through managed points
2) Implement access controls
Related Documents:
1) Access Control Policy
2) Network Security Policy
3) Remote Access Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 40
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-managed-access-control-points-ac-17-3-40.html