NET-06.3: Sensitive / Regulated Data Enclave (Secure...

NET-06.3 · Sensitive / Regulated Data Enclave (Secure Zone)

Control Description

Mechanisms exist to implement segmentation controls to restrict inbound and outbound connectivity for sensitive/regulated data enclaves (secure zones).

Control Question

Assessment question for control validation

Does the organization implement segmentation controls to restrict inbound and outbound connectivity for sensitive/regulated data enclaves (secure zones)?

Control Weighting

Validation Cadence

Annual

NIST CSF Function

Protect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 3 - Tactical

Core Control Designations

Special designations and baseline inclusions

MAD: NET-06.3

ESP Level 2: NET-06.3

ESP Level 3: NET-06.3