← Back to catalog
CM-2(7)

Configure Systems and Components for High-risk Areas

Configuration Management (CM)
Baselines
Low · Not includedModerate · IncludedHigh · Included
Description

Issue [assignment] with [assignment] to individuals traveling to locations that the organization deems to be of significant risk; and Apply the following controls to the systems or components when the individuals return from travel: [assignment].

Discussion

When it is known that systems or system components will be in high-risk areas external to the organization, additional controls may be implemented to counter the increased threat in such areas. For example, organizations can take actions for notebook computers used by individuals departing on and returning from travel. Actions include determining the locations that are of concern, defining the required configurations for the components, ensuring that components are configured as intended before travel is initiated, and applying controls to the components after travel is completed. Specially configured notebook computers include computers with sanitized hard drives, limited applications, and more stringent configuration settings. Controls applied to mobile devices upon return from travel include examining the mobile device for signs of physical tampering and purging and reimaging disk drives. Protecting information that resides on mobile devices is addressed in the [MP](#mp) (Media Protection) family.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.