AC-19(04) Restrictions for Classified Information
(a) Prohibit the use of unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information unless specifically permitted by the authorizing official; and
(b) Enforce the following restrictions on individuals permitted by the authorizing official to use unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information:
(1) Connection of unclassified mobile devices to classified systems is prohibited;
(2) Connection of unclassified mobile devices to unclassified systems requires approval from the authorizing official;
(3) Use of internal or external modems or wireless interfaces within the unclassified mobile devices is prohibited; and
(4) Unclassified mobile devices and the information stored on those devices are subject to random reviews and inspections by ac-19.04_odp.01 , and if classified information is found, the incident handling policy is followed.
(c) Restrict the connection of classified mobile devices to classified systems in accordance with ac-19.04_odp.02.
| Parameter ID | Definition |
|---|---|
| ac-19.04_odp.01 | security officials |
| ac-19.04_odp.02 | security policies |
Baselines
- L
- M
- H
- P
Guidance
None.
Related controls 2
- CM-08 System Component Inventory L M H P
- IR-04 Incident Handling L M H P