This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system prevents program execution in accordance with [Selection (one or more): [Assignment: organization-defined policies regarding software program usage and restrictions]; rules authorizing the terms and conditions of software program usage].
CM-7 (2) Additional FedRAMP Requirements and Guidance: This control shall be implemented in a technical manner on the information system to only allow programs to run that adhere to the policy (i.e. white listing). This control is not to be based off of strictly written policy on what is allowed or not allowed to run.
NIST 800-53 (r4) Supplemental Guidance:
Related controls: CM-8, PM-5.
NIST 800-53 (r5) Discussion:
Prevention of program execution addresses organizational policies, rules of behavior, and/or access agreements that restrict software usage and the terms and conditions imposed by the developer or manufacturer, including software licensing and copyrights. Restrictions include prohibiting auto-execute features, restricting roles allowed to approve program execution, permitting or prohibiting specific software programs, or restricting the number of program instances executed at the same time.
38North Guidance:
Meets Minimum Requirement:
Prevent the execution of unauthorized software through a technical enforcement mechanism, such as application whitelisting technology (e.g., AppLocker for Windows, AppArmor and SELinux for Linux) or behavioral analytics and endpoint control tools (e.g., Guardicore, Tanium, Prisma Cloud).
Best Practice:
TBD
Unofficial FedRAMP Guidance:
TBD
Assessment Evidence:
List of authorized software programs (the whitelist) and evidence of the most recent review of that whitelist
Configuration artifacts showing how software installation and execution policies are technically enforced on the information system
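The following is an added example, not part of this page or any 38North or FedRAMP artifact: it builds an AppLocker allowlist from a reference host, stages it in audit mode, and exports the two evidence items listed above. It assumes an elevated PowerShell session on Windows, that the reference host holds only approved software, that `C:\Evidence` exists, and that `C:\Users\Public\unapproved.exe` is a placeholder path for a binary outside the allowlist.

```powershell
# Added example: AppLocker allowlist + evidence export (assumptions noted inline).
Import-Module AppLocker

# 1. Inventory executables on the reference host (assumed to hold only approved software).
$files = 'C:\Program Files', 'C:\Program Files (x86)' |
    ForEach-Object { Get-AppLockerFileInformation -Directory $_ -Recurse -FileType Exe }

# 2. Publisher rules for signed files, hash rules for the rest; -Optimize merges duplicates.
$policy = New-AppLockerPolicy -FileInformation $files -RuleType Publisher, Hash `
    -User Everyone -Optimize

# 3. Stage in audit mode first (assumption: EnforcementMode is settable on each collection);
#    switch to 'Enabled' only after the 8003 audit events have been reviewed.
foreach ($rc in $policy.RuleCollections) { $rc.EnforcementMode = 'AuditOnly' }
Set-AppLockerPolicy -PolicyObject $policy -Merge

# 4. Check that a binary outside the allowlist would be denied once enforcement is on.
#    (placeholder path; substitute any file not covered by the rules)
Test-AppLockerPolicy -PolicyObject $policy -Path 'C:\Users\Public\unapproved.exe' -User Everyone |
    Select-Object FilePath, PolicyDecision, MatchingRule

# 5. The Application Identity service must run for AppLocker rules to take effect.
sc.exe config appidsvc start= auto
sc.exe start appidsvc

# 6. Evidence item 1: the whitelist as a reviewable table (rule type, name, action).
$policy.RuleCollections | ForEach-Object {
    $type = $_.RuleCollectionType
    foreach ($rule in $_) {
        [pscustomobject]@{ Collection = $type; Rule = $rule.Name; Action = $rule.Action }
    }
} | Export-Csv 'C:\Evidence\software-whitelist.csv' -NoTypeInformation

# 7. Evidence item 2: the effective policy showing the enforcement configuration.
Get-AppLockerPolicy -Effective -Xml | Out-File 'C:\Evidence\applocker-effective.xml'

# 8. Detection: 8003 = would-have-blocked (audit), 8004 = blocked (enforced).
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'; Id = 8003, 8004 } -MaxEvents 50 |
    Select-Object TimeCreated, Id, Message
```

The CSV and XML files map directly to the two assessment evidence items; re-running step 6 after each review date gives the "most recent whitelist review" artifact.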
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD