NIST 800-171 R-3.7.5
Require MFA for Nonlocal Maintenance
Official citation: 3.7.5
Class: core · Severity: high
Statement of the obligation — verify against source
3.7.5
What it means
Require multifactor authentication to open remote (nonlocal) maintenance sessions over external networks, and terminate those connections when the maintenance is done. The authentication strength should match the network-access requirements in 3.5.3.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.