IA-2(5): Individual Authentication with Group Authentication

Control Family:

Identification and Authentication

Parent Control:

IA-2: Identification and Authentication (organizational Users)

CSF v1.1 References:

PR.AC-1
PR.AC-6
PR.AC-7

Threats Addressed:

Repudiation

Baselines:

High

Previous Version:

NIST Special Publication 800-53 Revision 4:
IA-2(5): Group Authentication

Control Statement

When shared accounts or authenticators are employed, require users to be individually authenticated before granting access to the shared accounts or resources.

Supplemental Guidance

Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.