Remote maintenance and repair of an organization's assets must be performed so that it is approved, logged, and performed in a manner that prevents unauthorized access. The person conducting the remote maintenance and repair must be required to perform multi-step authentication.
The organization shall ensure that the monitoring and management of remote connections is automated, that remote connections are encrypted to ensure their integrity and reliability, and that remote connections pass only through approved and managed Network Access Control (NAC).
The organization must also make possible for the remote connections to be closed within a specified time.