SC-42(2): Authorized Use

Control Family:

System And Communications Protection

Parent Control:

SC-42: Sensor Capability And Data

Priority:

P0: Security control not selected in any baseline.

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-42(2): Authorized Use

Control Statement

The organization employs the following measures: [Assignment: organization-defined measures], so that data or information collected by [Assignment: organization-defined sensors] is only used for authorized purposes.

Supplemental Guidance

Information collected by sensors for a specific authorized purpose potentially could be misused for some unauthorized purpose. For example, GPS sensors that are used to support traffic navigation could be misused to track movements of individuals. Measures to mitigate such activities include, for example, additional training to ensure that authorized parties do not abuse their authority, or (in the case where sensor data/information is maintained by external parties) contractual restrictions on the use of the data/information.