SC-25: THIN NODES

NOT SELECTED FOR INDUSTRIAL CONTROL SYSTEMS

The organization employs [Assignment: organization-defined information system components] with minimal functionality and information storage.

SUPPLEMENTAL GUIDANCE

The deployment of information system components with reduced/minimal functionality (e.g., diskless nodes and thin client technologies) reduces the need to secure every user endpoint, and may reduce the exposure of information, information systems, and services to cyber attacks.

SC-30 — SYSTEM AND COMMUNICATIONS PROTECTION | CONCEALMENT AND MISDIRECTION

CONTROL ENHANCEMENTS

NO CONTROL ENHANCEMENTS

REFERENCES:

NIST Special Publication 800-82 | GUIDE TO INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY