Description: 

Establishing usage restrictions and configuration/connection requirements for wireless access to the system provides criteria for organizations to support wireless access authorization decisions. Such restrictions and requirements reduce the susceptibility to unauthorized access to the system through wireless technologies. Wireless networks use authentication protocols which provide credential protection and mutual authentication.  [SP 800-97] provides guidance on secure wireless networks. 


Priority: High 


Category: Network Security 


Services Associated with AWS: 

  • AWS Identity and Access Management (IAM), AWS Directory Service, AWS Network Firewall
  • AWS Identity and Access Management (IAM), AWS Directory Service, AWS Secrets Manager 


Objective Evidence: 

  • Administrative: documented policies, standards & procedures 
  • Administrative: supporting documentation to demonstrate the "secure practices" used to build technology platform-specific secure baseline configurations 
  • Technical: screen shot of wireless settings


Possible Technology Considerations: 

  • Secure Baseline Configurations (SBC) 


What needs to be answered:

Is there a policy on wireless devices connecting to the network? Is wireless access to the system authorized, monitored, and managed? 


  • Authorize Wireless Access Prior to Connection
    Description: This check ensures that wireless access to the system is authorized before allowing such connections. Establishing usage restrictions and configuration/connection requirements for wireless access helps reduce the susceptibility to unauthorized access through wireless technologies.
  • Implement Secure Authentication Protocols for Wireless Networks
    Description: This check confirms that secure authentication protocols are implemented for wireless networks, providing credential protection and mutual authentication to enhance the security of wireless access.


More details:  CUI contained on cloud based systems and not on internal network.