SC-41: Port And I/O Device Access

Control Family:

System And Communications Protection

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

PR.PT-4

Threats Addressed:

Tampering
Information Disclosure

Baselines:

Low
N/A
Moderate
N/A
High
N/A

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-41: Port and I/O Device Access

Control Statement

The organization physically disables or removes [Assignment: organization-defined connection ports or input/output devices] on [Assignment: organization-defined information systems or information system components].

Supplemental Guidance

Connection ports include, for example, Universal Serial Bus (USB) and Firewire (IEEE 1394). Input/output (I/O) devices include, for example, Compact Disk (CD) and Digital Video Disk (DVD) drives. Physically disabling or removing such connection ports and I/O devices helps prevent exfiltration of information from information systems and the introduction of malicious code into systems from those ports/devices.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 7.1