IA-2(5): Group Authentication

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Next Version:

Control Statement

The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Supplemental Guidance

Requiring individuals to use individual authenticators as a second level of authentication helps organizations to mitigate the risk of using group authenticators.