MP 2 MEDIA ACCESS - NIST-SP-800-53-R5/NIST-SP-800-53-R5.github.io GitHub Wiki

MP-2 MEDIA ACCESS

Control: Restrict access to [ Assignment: organization-defined types of digital and/or non-digital media ] to [ Assignment: organization-defined personnel or roles ].

Discussion: System media includes digital and non-digital media. Digital media includes flash drives, diskettes, magnetic tapes, external or removable hard disk drives (e.g., solid state, magnetic), compact discs, and digital versatile discs. Non-digital media includes paper and microfilm. Denying access to patient medical records in a community hospital unless the individuals seeking access to such records are authorized healthcare providers is an example of restricting access to non-digital media. Limiting access to the design specifications stored on compact discs in the media library to individuals on the system development team is an example of restricting access to digital media.

Related Controls: AC-19, AU-9, CP-2, CP-9, CP-10, MA-5, MP-4, MP-6, PE-2, PE-3, SC-12, SC-13, SC-34, SI-12.

Control Enhancements:

(1) MEDIA ACCESS | AUTOMATED RESTRICTED ACCESS
[Withdrawn: Incorporated into MP-4(2).]
(2) MEDIA ACCESS | CRYPTOGRAPHIC PROTECTION
[Withdrawn: Incorporated into SC-28(1).]

References: [OMB A-130], [FIPS 199], [SP 800-111].

MP 2 MEDIA ACCESS - NIST-SP-800-53-R5/NIST-SP-800-53-R5.github.io GitHub Wiki

MP-2 MEDIA ACCESS

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️