CMMC 1.0 Practice IA.1.077 Requirement:
Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
CMMC 1.0 IA.1.077 Requirement Explanation:
Before you provide access to a person or a device, you need to verify that the user or device is who or what it claims to be. This verification is called authentication. The most common way to verify identity is by using a username and a hard-to-guess password.
Example CMMC 1.0 IA.1.077 Implementation:
Password protect your user accounts, and change any default passwords on your systems.
CMMC 1.0 IA.1.077 Scenario(s):
- Scenario 1:
Alice, a system administrator, creates a group policy requiring all user accounts to be password protected.
- Scenario 2:
Alice, a system administrator received a new router in the mail. The router comes configured with a default password of "admin123". Alice changes the password to something complex that meets her company's password requirements.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.