SI-8: Spam Protection
Control Family:
CSF v1.1 References:
Next Version:
- NIST Special Publication 800-53 Revision 5:
- SI-8: Spam Protection
Control Statement
The organization:
- Employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages; and
- Updates spam protection mechanisms when new releases are available in accordance with organizational configuration management policy and procedures.
Supplemental Guidance
Information system entry and exit points include, for example, firewalls, electronic mail servers, web servers, proxy servers, remote-access servers, workstations, mobile devices, and notebook/laptop computers. Spam can be transported by different means including, for example, electronic mail, electronic mail attachments, and web accesses. Spam protection mechanisms include, for example, signature definitions.
Control Enhancements
SI-8(1): Central Management
Baseline(s):
- Moderate
- High
The organization centrally manages spam protection mechanisms.
SI-8(2): Automatic Updates
Baseline(s):
- Moderate
- High
The information system automatically updates spam protection mechanisms.
SI-8(3): Continuous Learning Capability
Baseline(s):
The information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.