257 – Access based on user credentials
Summary
Physical access to the network for users must be assigned based on organizational user credentials (e.g., NAC 802.1x).
Description
Adopting NAC 802.1x protects against unauthorized devices that try to connect to the network. By tying physical network access to organizational user credentials, the organization can verify the identity of individuals requesting network access. This adds an extra layer of security and helps ensure that individuals are who they claim to be before they are granted access.
Supported In
Advanced: True
References
- CIS-12_6. Use of secure network management and communication protocols
- CIS-13_9. Deploy port-level access control
- HIPAA-164_312_e_1. Standard: transmission security
- NIST80053-IA-2. Identification and authentication (organizational users)
- SOC2-CC6_6. Logical and physical access controls
- PADSS-6_1. The wireless technology must be implemented securely
- PADSS-6_2. For wireless technology, implement strong encryption for authentication and transmission
- CMMC-AC_L2-3_1_12. Control remote access
- CMMC-PE_L1-3_10_1. Limit physical access
- CMMC-SC_L1-3_13_1. Boundary protection
- HITRUST-01_i. Policy on the use of network services
- HITRUST-01_n. Network connection control
- HITRUST-08_c. Securing offices, rooms and facilities
- HITRUST-08_f. Public access, delivery and loading areas
- HITRUST-09_m. Network controls
- FEDRAMP-SC-8_1. Cryptographic or alternate physical protection
- ISO27002-7_3. Securing offices, rooms and facilities
- ISO27002-8_21. Security of network services
- OSSTMM3-8_5_2. Physical security (access verification) - Authentication
- C2M2-9_2_k. Implement network protections for cybersecurity architecture
- ISO27001-7_3. Securing offices, rooms and facilities
- ISO27001-8_21. Security of network services
- FISMA-IA-2. Identification and authentication (organizational users)
- NIST-PR_AA-06. Physical access to assets is managed, monitored, and enforced commensurate with risk
Last updated
2024/03/05