Doc:NIST SP 800-53r3 Appendix F/AC-19/4

From FISMApedia
Jump to: navigation, search
(4) The organization:
(a) Prohibits the use of unclassified mobile devices in facilities containing information systems processing, storing, or transmitting classified information unless specifically permitted by the appropriate authorizing official(s); and
(b) Enforces the following restrictions on individuals permitted to use mobile devices in facilities containing information systems processing, storing, or transmitting classified information:
- Connection of unclassified mobile devices to classified information systems is prohibited;
- Connection of unclassified mobile devices to unclassified information systems requires approval from the appropriate authorizing official(s);
- Use of internal or external modems or wireless interfaces within the mobile devices is prohibited; and
- Mobile devices and the information stored on those devices are subject to random reviews/inspections by [Assignment: organization-defined security officials], and if classified information is found, the incident handling policy is followed.