SC-7(19)—Block Communication From Non-Organizationally Configured Hosts
>Control Description
Block inbound and outbound communications traffic between ⚙organization-defined communication clients that are independently configured by end users and external service providers.
>Cross-Framework Mappings
>Supplemental Guidance
Communication clients independently configured by end users and external service providers include instant messaging clients and video conferencing software and applications. Traffic blocking does not apply to communication clients that are configured by organizations to perform authorized functions.
>Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- •What policies govern the implementation of block communication from non-organizationally configured hosts?
- •How are system and communications protection requirements defined and maintained?
- •Who is responsible for configuring and maintaining the security controls specified in SC-7(19)?
Technical Implementation:
- •How is block communication from non-organizationally configured hosts technically implemented in your environment?
- •What systems, tools, or configurations enforce this protection requirement?
- •How do you ensure that block communication from non-organizationally configured hosts remains effective as the system evolves?
Evidence & Documentation:
- •What documentation demonstrates the implementation of SC-7(19)?
- •Can you provide configuration evidence or system diagrams showing this protection control?
- •What logs or monitoring data verify that this control is functioning correctly?
Ask AI
Configure your API key to use AI features.