Provide privacy and security notices consistent with applicable “Controlled Unclassified Information” (CUI) rules.

Every system that provides a user with access to controlled unclassified information, must display a privacy/security notice before the user logs in.

Create a privacy/security notice to display on your systems before users log in. Display the banner on computer log-ins, server log-ins, and logins to cloud resources like Microsoft 365. The login banner can read: Information system usage may be monitored or recorded and is subject to audit. The use of this information system affirms consent to monitoring and recording. Unauthorized use of the information systems is prohibited. Unauthorized use is subject to criminal and civil penalties. The information system contains CUI with specific requirements imposed by the Department of Defense and use of the information system may be subject to other specified requirements associated with certain types of CUI such as Export Controlled information.