← Controls / AC

AC-18 Wireless Access Restrictions

Access Control

Low Moderate High

Description

The organization: (i) establishes usage restrictions and implementation guidance for wireless technologies; and (ii) authorizes, monitors, controls wireless access to the information system.

Supplemental Guidance

NIST Special Publications 800-48 and 800-97 provide guidance on wireless network security. NIST Special Publication 800-94 provides guidance on wireless intrusion detection and prevention.

Changes from Rev 4

Control text drops 'usage restrictions' Adds 'for each type of' wireless access

MITRE ATT&CK Techniques (25)

ATT&CK v16.1

Techniques mitigated by this control, mapped via CTID.

Defense Evasion 4 Credential Access 10 Discovery 1 Collection 8 Exfiltration 3 Impact 3

Compliance Mappings

COBIT 2019

DSS05

PCI DSS v4.0.1

11.2

NIS2 Directive

Art. 21(2)(i)

MAS TRM

9

BSI IT-Grundschutz

ORP.4

ANSSI

Hygiene.25Hygiene.26SecNumCloud.14.3

FINMA Circular 2023/1

IV.B.d(59)IV.C(62)

OSFI B-13

B-13.3.2

EU GDPR

Art.32(1)(a)Art.32(1)(b)

EU DORA

Art.9(4)(a)

RBI CSF

Annex1.4ITGRCA.19

FISC Security Guidelines

FISC.T10FISC.T3

HKMA TM-E-1

TME1.8.5

MLPS 2.0

8.1.3.18.38.5

SAMA CSF

3.13.3

UAE IA

T8T9

CBB TM

TM-6TM-8

Qatar NIA

ACCS

CBE CSF

CTO-6

BoM CTRM

3.2

FFIEC IS

II.C.15(c)II.C.9

HIPAA Security Rule

§164.312(e)(1)

ECB CROE

CROE.2.3.5

BOT Cyber Resilience

Ch2.4

CMMC 2.0

AC

PCI PTS v6

J

Solvency II

EIOPA-ICT-4.6

Lloyd's Minimum Standards

MS8.9

HITRUST CSF v11

01.b

ISO 17799 (legacy)

11.4.211.7.111.7.2

COBIT 4.1 (legacy)

None.