CA.2.158 Ongoing Security Assessment (CMMC Level 2)
Periodically assess the security controls in organizational systems to determine if the controls are effective in their application.
Author Archive for: kellepc
Entries by Kellep Charles
AC.1.004 Publicly Posted Information (CMMC Level 1)
Control information posted or processed on publicly accessible information systems.
MP.1.118 Media Destruction – Sanitation (CMMC Level 1)
Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.
AC.1.003 External/Remote Connections (CMMC Level 1)
Verify and control/limit connections to and use of external information systems.
AC.1.002 User Access Restrictions (CMMC Level 1)
Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
AC.1.001 Basic Security Requirements (CMMC Level 1)
Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
Internet Safety Day 2021
Today, Tuesday, 9 February 2021, we celebrate the 18th edition of Safer Internet Day with actions taking place right across the globe. With a theme once again of “Together for a better internet”, this day calls upon all stakeholders to join together to make the internet a safer and better place for all, and especially for children and young people.
CMMC Level 3 Control – Email Sandboxing (SI.3.220)
An overview for this control states an organization should utilize sandboxing to detect or block potentially malicious email. The action can prevent malicious files from entering the network and should be document in the Configuration Management Policy.
Password Security Question Recommendations
It is risky to post security questions. Security questions exist on pretty much every website that requires a username and password.
Zoom enacts security and privacy control to prevent Zoombombing
On April 5th, Zoom turned on the passwords and waiting room features for meetings by default aimed at users of their free version and those with a single license version to help prevent “Zoombombing”.
