Navigate

IA-2(5)

IA-2(5): Individual Authentication with Group Authentication

When shared accounts or authenticators are employed, require users to be individually authenticated before granting access to the shared accounts or resources.

Supplemental

Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.

CIA Levels
Confidentiality	low
Integrity	low
Availability	unknown

Overlays
DAF Baseline, Privacy (accountability), Privacy (high), Privacy (low), Privacy (moderate)

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to IA-2(5).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of IA-2(5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IA-2(5).

CCI	Definition
CCI-004045	Require users to be individually authenticated before granting access to the shared accounts or resources.