13.5: Manage Access Control for Remote Assets
Threats Addressed:
Incorporates the following controls from the previous version: 12.2: Scan for Unauthorized Connections Across Trusted Network Boundaries, 12.12: Manage All Devices Remotely Logging into Internal Network.
Control Statement
Manage access control for assets remotely connecting to enterprise resources. Determine amount of access to enterprise resources based on: up-to-date anti-malware software installed, configuration compliance with the enterprise’s secure configuration process, and ensuring the operating system and applications are up-to-date.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]