AC-17(6): Protection of Mechanism Information

Control Family:

Access Control

Parent Control:

AC-17: Remote Access

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Previous Version:

Control Statement

Protect information about remote access mechanisms from unauthorized use and disclosure.

Supplemental Guidance

Remote access to organizational information by non-organizational entities can increase the risk of unauthorized use and disclosure about remote access mechanisms. The organization considers including remote access requirements in the information exchange agreements with other organizations, as applicable. Remote access requirements can also be included in rules of behavior (see PL-4) and access agreements (see PS-6).