• Requirement

    Include in the rules of behavior, restrictions on:

    1. Use of social media, social networking sites, and external sites/applications;
    2. Posting organizational information on public websites; and
    3. Use of organization-provided identifiers (e.g., email addresses) and authentication secrets (e.g., passwords) for creating accounts on external sites/applications.
  • Discussion

    Social media, social networking, and external site/application usage restrictions address rules of behavior related to the use of social media, social networking, and external sites when organizational personnel are using such sites for official duties or in the conduct of official business, when organizational information is involved in social media and social networking transactions, and when personnel access social media and networking sites from organizational systems. Organizations also address specific rules that prevent unauthorized entities from obtaining non-public organizational information from social media and networking sites either directly or through inference. Non-public information includes personally identifiable information and system account information.

More Info

  • Title

    Rules of Behavior | Social Media and External Site/application Usage Restrictions
  • Family

  • NIST 800-53B Baseline(s)

    • Low
    • Moderate
    • High
    • Privacy
  • Related NIST 800-53 ID


NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!