IA-4 (1) Identifier Management | Prohibit Account Identifiers As Public Identifiers
The organization prohibits the use of information system account identifiers that are the same as public identifiers for individual electronic mail accounts.
Applicable CNSSI 1253 Baselines
Confidentiality
- L
- M
- H
Integrity
- L
- M
- H
Availability
- L
- M
- H
Supplemental Guidance
Prohibiting the use of information systems account identifiers that are the same as some public identifier such as the individual identifier section of an electronic mail address, makes it more difficult for adversaries to guess user identifiers on organizational information systems.