When using an A/B switch to switch a peripheral between two or more users the risk always exists where the peripheral is connected to the wrong IS. An example would be a scanner shared between two systems using an A/B switch. If the user presses the scan button when the A/B switch is pointed to a different IS than the user intended, the document would be scanned into the wrong system. This could lead to the compromise of sensitive data.
The ISSO or SA will ensure an A/B switch is not used to share a peripheral device between two or more users.
The reviewer will interview the ISSO or SA to verify that A/B switches are not being used to share peripherals between two users. If an A/B switch is being used to share peripherals between users, this is a finding.
Fix Text (F-6405r1_fix)
Develop a plan to remove all A/B switches that are being used to switch peripherals between two or more users and to acquire new peripherals to support documented needs. Obtain CM approval of the plan and execute the plan.