ID.AM-03 - Mapping Network Communication Flows
ID.AM-03 involves maintaining up-to-date representations of authorized network communications and data flows, both within the organization and with external entities. This includes documenting baselines for wired, wireless, and cloud-based interactions, as well as expected protocols and ports. It ensures visibility into how data moves, critical for detecting anomalies or unauthorized access.
This subcategory supports risk management by providing a reference for normal network behavior, enabling quick identification of deviations that might signal a breach. It fosters secure configuration and monitoring of network infrastructure, including third-party connections. ID.AM-03 underpins a robust defense against network-based threats.
