Navigate

IA-2 (7)

IA-2 (7): Network Access To Non-Privileged Accounts - Separate Device

The information system implements multifactor authentication for network access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access and the device meets [Assignment: organization-defined strength of mechanism requirements].

Supplemental

None

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
NC3, Privacy (High), Privacy (Mod)

Related Controls

The controls below (if any) were marked by NIST as being related to IA-2 (7).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of IA-2 (7).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IA-2 (7).

CCI	Definition
CCI-001938	The organization defines the strength of mechanism requirements for the device that is separate from the system gaining access to non-privileged accounts.
CCI-001939	The information system implements multifactor authentication for network access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.
CCI-001940	The device used in the information system implementation of multifactor authentication for network access to non-privileged accounts meets organization-defined strength of mechanism requirements.