AC-10

Concurrent Session Control

Access Control (AC)
Baselines
Low · Not included
Moderate · Not included
High · Included
Description

Limit the number of concurrent sessions for each [assignment] to [assignment].

Discussion

Organizations may define the maximum number of concurrent sessions for system accounts globally, by account type, by account, or any combination thereof. For example, organizations may limit the number of concurrent sessions for system administrators or other individuals working in particularly sensitive domains or mission-critical applications. Concurrent session control addresses concurrent sessions for system accounts. It does not, however, address concurrent sessions by single users via multiple system accounts.

Implementation guidance

No content available.

CSF 2.0 crosswalk
PR.AA-05 (Protect): Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties