CMMC 1.0 Practice MA.2.113 Requirement:
Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.
CMMC 1.0 MA.2.113 Requirement Explanation:
When a persons remotely connects to a system to conduct maintenance they generally do so with a privileged account. This creates additional risk that can be reduced by requiring multifactor authentication.
Example CMMC 1.0 MA.2.113 Implementation:
When system admins connect to your network via VPN with their privileged accounts require them to authenticate with Multifactor authentication.
CMMC 1.0 MA.2.113 Scenario(s):
- Scenario 1:
Alice a system administrator needs to connect to her company's file server from home using a VPN connection. Because she is an admin her account is configured to require multifactor authentication when she connects to the VPN.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.