NIST 800 – 171 3.1.2

Limit information system access to the types of transactions and functions that authorized users are permitted to execute. Once you have a domain and you have identified who will have access to the sensitive data, you will want to restrict access to those systems from any ordinary user or member of your network from accessing…