Navigate

SC-25

SC-25: Thin Nodes

The organization employs [Assignment: organization-defined information system components] with minimal functionality and information storage.

Supplemental

The deployment of information system components with reduced/minimal functionality (e.g., diskless nodes and thin client technologies) reduces the need to secure every user endpoint, and may reduce the exposure of information, information systems, and services to cyber attacks.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to SC-25.

Control	Description
SC-30	The organization employs [Assignment: organization-defined concealment and misdirection techniques] for [Assignment: organization-defined information systems] at [Assignment: organization-defined time periods] to confuse and mislead adversaries.

Enhancements

The controls below (if any) add on to the requirements of SC-25.

Control	Description
No controls

Related CCIs

The CCIs below are tied to SC-25.

CCI	Definition
CCI-001194	The information system employs organization-defined information system components with minimal functionality and information storage.
CCI-002471	The organization defines the information system components, with minimal functionality and information storage, to be employed.