AC-20(5)

  • Requirement

    Prohibit the use of organization-controlled portable storage devices by authorized individuals on external systems.

  • Discussion

    Limits on the use of organization-controlled portable storage devices in external systems include a complete prohibition of the use of such devices. Prohibiting such use is enforced using technical methods and/or nontechnical (i.e., process-based) methods.

More Info

  • Title

    Use of External Systems | Portable Storage Devices — Prohibited Use
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      MP-7;PL-4;PS-6;SC-41

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!