Report on the percentage of notebooks and mobile devices that are required to be in compliance with approved configuration policy before being granted network access.

UCF ID: 02106
Control Type: Actionable Reports or measurements
Status: Live
Metric guidance

Calculation: The calculation for this metric is # of notebooks and mobile devices that are required to verify compliance with approved configuration policy prior to being granted network access / # of notebook and mobile devices .

Calculation source: No authority document source of information exists. The following formula was used: the number of notebooks and mobile devices whose configuration is verified to comply with policies, standards, and procedures before it is granted access to the organization's network divided by the number of notebooks and mobile devices listed in the hardware inventory for each business unit (or the organization as a whole) .

The Common Control IDs associated with this metric are as follows:

    Test and approve all external network connections through the firewall ensuring the changes and changed documentation match and meet organizational standards. [UCF Control ID 01270]
    Install firewalls on all mobile computers, correctly configure all firewalls, and prevent the firewalls from being disabled or changed by end users. [UCF Control ID 00550]

Supporting and supported controls

This control directly supports:

    Establish and maintain a communications, e-mail, and remote access security management metrics program. [UCF Control ID 02079]

There are no supporting controls.

Authority documents complied with:

CISWG Information Security Program Elements, January 10,2005, ISPE23.1

US Federal Security Guidance

The organization must measure and report on the percentage of notebooks and mobile devices that are required to verify compliance with approved configuration policy prior to being granted network access. When they connect to the enterprise network, notebooks and other mobile devices not properly configured and protected with antivirus, personal firewall, intrusion detection and integrity checking software can introduce malicious software (viruses, worms, and Trojan horses) into the network. Before being granted network access, such devices should be automatically checked by a software utility to ensure they are using the security protections required by policy. [ISPE23.1, CISWG Information Security Program Elements, January 10,2005]


Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.