NIST recommends that agencies and organizations, prior to connecting to the Internet, develop policy that clearly identifies the Internet services they will be using and how those services will be used. The policy should be clear, concise, and understandable, with a built-in mechanisms for changing the policy. Organizations should strongly consider using firewall systems as part of the implementation of that policy. NIST recommends also that agencies and organizations use advanced authentication measures, i.e., smartcards, or authentication tokens, or other one-time password mechanisms, as an integral part of firewalls for authenticating connections to site systems.