Prevent Unauthorised Network Device Connections
Ensure only approved devices can connect to the network, blocking unauthorised access.
Plain language
To keep your network safe, you need to make sure that only devices you trust can connect to it. If you let any unknown or unauthorised devices in, they could bring in viruses or allow people to steal your data, which can damage your reputation and finances.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Nov 2024
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for networkingSection
Network design and configurationTopic
Network Access ControlsOfficial control statement
Network access controls are implemented on networks to prevent the connection of unauthorised network devices and networked IT equipment.
Why it matters
Unauthorised devices connecting to the network can bypass protections, enable lateral movement, and lead to data compromise, service disruption, and investigation costs.
Operational notes
Maintain 802.1X/NAC rules, update allowlists/ACLs for approved devices, and review switch/Wi‑Fi logs and alerts for unauthorised connection attempts.
Implementation tips
- IT Team: Identify all devices that need to connect to the network, including computers, printers, and phones. Create a list and ensure each device is approved and known.
- System Administrator: Set up network rules to block any device that's not approved from connecting. Use the network's settings to limit access only to devices on your pre-approved list.
- Office Manager: Keep a physical logbook or digital record of all devices authorised to connect. Check and update this list regularly to ensure only necessary devices have access.
- Security Officer: Provide training sessions for employees on how to recognise unauthorised devices and report suspicious activities. Encourage staff to be vigilant about new or unknown devices.
- Procurement Team: Establish a policy requiring all new network-connected devices to be reviewed and approved before purchase. Ensure that new devices are registered before connecting to the network.
Audit / evidence tips
-
Askthe device authorisation list: Request to see the list of all devices that are allowed to connect to the network
Goodis a comprehensive list with dates and approval signatures
-
Asknetwork access policy: Request the document outlining the procedures for device connection and approval
Goodpolicy will be detailed with recent updates visible
-
Asktraining records: Request documentation of employee training sessions about recognising and reporting unauthorised devices
Goodrecord will have consistent participation and relevant content
-
Asknetwork access logs: Request logs that show which devices have attempted to connect to the network
Goodwill show monitoring and blocked access for unauthorised devices
-
Askto view network access controls: Request a demonstration of how unauthorised devices are blocked
Goodsystem actively restricts and logs unauthorised access attempts
Cross-framework mappings
How ISM-0520 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (1) expand_less | ||
| Annex A 8.20 | ISM-0520 requires network access controls that block unauthorised network devices from connecting | |
| handshake Supports (1) expand_less | ||
| Annex A 8.5 | ISM-0520 requires preventing unauthorised network device connections using network access controls | |
| link Related (1) expand_less | ||
| Annex A 8.3 | Annex A 8.3 requires restricting access to information and associated assets according to an access control policy | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.