NIST 800-53 Rev 5
424 controls available
Nondestructive Techniques
Media Protection
Control Statement
Apply nondestructive sanitization techniques to portable storage devices prior to connecting such devices to the system under the following circumstances: {{ insert: param, mp-06.03_odp }}.
Discussion
Portable storage devices include external or removable hard disk drives (e.g., solid state, magnetic), optical discs, magnetic or optical tapes, flash memory devices, flash memory cards, and other external or removable disks. Portable storage devices can be obtained from untrustworthy sources and contain malicious code that can be inserted into or transferred to organizational systems through USB ports or other entry portals. While scanning storage devices is recommended, sanitization provides additional assurance that such devices are free of malicious code. Organizations consider nondestructive sanitization of portable storage devices when the devices are purchased from manufacturers or vendors prior to initial use or when organizations cannot maintain a positive chain of custody for the devices.
- Framework
- NIST SP 800-53 Rev 5
- Family
- Media Protection
- Baselines
- high
Related Frameworks
2 paths across 1 framework
Related Frameworks
CCI2 mappings
- DISA · 2025-01-23 · disa_cci_list · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
5 STIGs reach this control through 21 CCIs. Expand a row to see the responsible NICE and O*NET roles.