U.S. Department of Health and Human Services
System interconnection is the direct connection of two or more IT systems for the purpose of sharing information resources. (NIST SP 800-18 Rev.1)
If not appropriately protected, system interconnection can result in a compromise of all connected systems and the data they store, process, or transmit. System Owners, information owners, and management need information from IT Administrators about vulnerabilities associated with system interconnections and information sharing to select appropriate security controls.
NIST recommends a Joint Planning Team approach (including IT Administrators, Program Managers, ISSOs) for interconnection planning, and an approval process for the interconnection. With existing interconnections, the appropriate documentation should be created at the current point in the system's life cycle.
Page 1 of 5
Security Implications of Interconnections