SI-14(3): Non-persistent Connectivity
Control Family:
Parent Control:
Baselines:
(Not part of any baseline)
Control is new to this version of the control set.
Control Statement
Establish connections to the system on demand and terminate connections after [Assignment: completion of a request, a period of non-use].
Supplemental Guidance
Persistent connections to systems can provide advanced adversaries with paths to move laterally through systems and potentially position themselves closer to high value assets. Limiting the availability of such connections impedes the adversary's ability to move freely through organizational systems.