03.01.18 - Access Control for Mobile Devices

AC_L_18 requires organizations to implement specific access-control safeguards for mobile devices that store, process, or transmit controlled unclassified information. Measures include enforcing authentication, employing encryption, and using mobile device management to limit unauthorized access and ensure that only approved users and applications can interact with CUI on smartphones, tablets, and other portable technology.