Maintenance
Maintenance covers how you keep systems running without creating security gaps. Patching, vendor repairs, remote maintenance, and physical servicing all need controls.
The Two Themes
Section titled “The Two Themes”Maintenance Operations (3.7.1–3.7.4) — Perform maintenance on schedule, control the tools and media used, wipe CUI before off-site repair, and scan vendor media before use.
Personnel & Access (3.7.5–3.7.6) — Require MFA for remote maintenance sessions and supervise uncleared maintenance technicians at all times.
All 6 Requirements
Section titled “All 6 Requirements”| Ref | Short Name | What It Covers |
|---|---|---|
| 3.7.1 | Maintain on Schedule | Regular documented maintenance |
| 3.7.2 | Control Maintenance Tools | Approved tools, inspected vendor equipment |
| 3.7.3 | Wipe Before Repair | Sanitize CUI before off-site maintenance |
| 3.7.4 | Scan Maintenance Media | Check diagnostic media for malware |
| 3.7.5 | MFA for Remote Maintenance | MFA required, session terminated when done |
| 3.7.6 | Escort Uncleared Techs | Supervise unauthorized maintenance personnel |