Overview:
The organization:
a. Establishes usage restrictions, configuration/connection requirements, and implementation guidance for wireless access; and
b. Authorizes wireless access to the information system prior to allowing such connections.
Supplemental Guidance:
Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication.
Related Controls:>/b> AC-2, AC-3, AC-17, AC-19, CA-3, CA-7, CM-8, IA-2, IA-3, IA-8, PL-4, SI-4.
References:>/b> NIST Special Publications 800-48, 800-94, 800-97.
Action Items:
1) Ensure security requirements and implementation requirements exists for wireless connectivity
2) Ensure all wireless access is authorized
Related Documents:
1) Access Control Policy
2) Network Security Policy
3) Wireless Security Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 43
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-wireless-access-ac-18-43.html