Skip to content
Catalogs
XCCDF
Traditional Security Checklist
IS-02.02.10
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Door Locks: Electric Strikes and/or Magnetic Locking devices used in access control systems shall be heavy duty, industrial grade and be configured to fail secure in the event of a total loss of power (primary and backup).
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Door Locks: Electric Strikes and/or Magnetic Locking devices used in access control systems shall be heavy duty, industrial grade and be configured to fail secure in the event of a total loss of power (primary and backup). An XCCDF Rule
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Door Locks: Electric Strikes and/or Magnetic Locking devices used in access control systems shall be heavy duty, industrial grade and be configured to fail secure in the event of a total loss of power (primary and backup).
Medium Severity
<VulnDiscussion>There are a variety of locking mechanisms that may be used to secure both primary and secondary doors for vaults and classified open storage areas (secure rooms). While the primary access door is to be secured with an appropriate combination lock when closed; during working hours an AECS using electric strikes or magnetic locks, electrical, mechanical, or electromechanical access control devices, or standard keyed locks may be used to facilitate frequent access to the secured space by employees vetted for unescorted access. Where electrically actuated locks are used, locking mechanisms must be properly configured and controlled to ensure they fail only in a secure state during partial or total loss of power (primary and backup). Failure to provide for these considerations could result in the loss or compromise of classified material.
REFERENCES:
The Information Security Oversight Office (ISOO): http://www.archives.gov/isoo/ Implementing Directive for Protection of Classified (for Executive Order 13526), 32 CFR Parts 2001 and 2003 Classified National Security Information: paragraph 2001.43 Storage, (2) Secret.
CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraph 34.
NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-3, and PE-6.
DoD Manual 5200.01, Volume 3, SUBJECT: DoD Information Security Program: Protection of Classified Information: Appendix to Enclosure 3, paragraph 3.a.(5)(e).
DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 5, Section 3, paragraphs 5-312, 5-313, and 5-314.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>