Employ automated mechanisms to monitor and control remote access methods.
Implement cryptographic mechanisms to protect the confidentiality and integrity of remote access sessions.
Route remote accesses through authorized and managed network access control points.
(a) Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: [Assignment: organization-defined needs]; and (b) Document the rationale for remote access in the security plan for the system.
[Withdrawn: Incorporated into MP-7.]
Protect information about remote access mechanisms from unauthorized use and disclosure.
[Withdrawn: Incorporated into AC-2k.]
[Withdrawn: Incorporated into AC-6.]
Provide the capability to disconnect or disable remote access to the system within [Assignment: organization-defined time period].
Implement [Assignment: organization-defined mechanisms] to authenticate [Assignment: organization-defined remote commands].
Passcode