11.6: Use Dedicated Machines For All Network Administrative Tasks
Threats Addressed:
The next version of the control set incorporates all or part of this control into: 12.8: Establish and Maintain Dedicated Computing Resources for All Administrative Work.
Control Statement
Ensure network engineers use a dedicated machine for all administrative tasks or tasks requiring elevated access. This machine shall be segmented from the organization’s primary network and not be allowed Internet access. This machine shall not be used for reading email, composing documents, or surfing the Internet.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]