SC-2(1): Interfaces for Non-privileged Users

Control Family:

System and Communications Protection

Parent Control:

SC-2: Separation of System and User Functionality

Threats Addressed:

Elevation of Privilege

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
SC-2(1): Interfaces For Non-Privileged Users

Control Statement

Prevent the presentation of system management functionality at interfaces to non-privileged users.

Supplemental Guidance

Preventing the presentation of system management functionality at interfaces to non-privileged users ensures that system administration options, including administrator privileges, are not available to the general user population. Restricting user access also prohibits the use of the grey-out option commonly used to eliminate accessibility to such information. One potential solution is to withhold system administration options until users establish sessions with administrator privileges.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5