Call now for cybersecurity help: 888-646-1616
adelia_risk_logo_website
Josh Ablett

The 21 Most Common CMMC Technology Projects

December 30, 2020,

November 2021 update on CMMC 2.0: requirements have been pared down. For contractors who are still working on NIST 800-171 compliance, we don’t expect much to change in the near-term, though the burden of proof / evidence should be significantly lower. 

Need help? Our coaching model helps you avoid high consulting fees. 

Are you getting ready to start down the path of getting your CMMC certification?

Based on our recent NIST 800-171 / CMMC projects, here are the 21 most common technology projects that we see companies needing to implement in order to comply.

  1. Windows 10 on all PCs where possible.  In-support versions of all server OS and software (e.g., SQL Server).
  2. If older computers are still required (e.g., to drive equipment), very strict network segmentation and no/limited Internet access.
  3. All computers and servers configured (at least partially) to the appropriate STIGs
  4. There will be a TON of new GPOs that need to be added.  If you're not on a domain, plan to add one.
  5. 2FA everywhere: local access, VPN/remote access, OWA, etc.
  6. More refined network segmentation.  Some companies opt to deploy a NAC.
  7. Secure file sharing system (if they're sharing data internally or with external parties)
  8. Tons of physical security controls (cameras, locks, sometimes badges, systems for tracking visitors, etc.)
  9. Managed encryption everywhere
  10. Mobile device management -- definitely on phones and tablets, ideally on workstations too
  11. Generally, no cloud services handling CUI unless you're in Microsoft 365 GCC High
  12. Wifi access points using FIPS 140-2 encryption
  13. HDD shredding, usually through a NAID-certified service
  14. Business-class firewall with security services enabled and reviewed
  15. At a minimum, firewall logging to a SIEM, with either a SOC service or anomaly detection algorithms
  16. EDR solution or MDR solution on top of the antivirus that you should already have.
  17. Blocking file sharing services / apps
  18. Migrating all users to Standard accounts
  19. USB lockdown and other DLP measures
  20. Offsite backup
  21. Segregation of data in the ERP system and in shared drives

Want help with your NIST 800-171 / CMMC project?  Learn more about what we do here.

Leave a Reply

Your email address will not be published.

We help over 100 of the best financial services, healthcare, and manufacturing companies across the U.S. with their cybersecurity.
Copyright 2022 Adelia Associates, LLC | All Rights Reserved