CMMC 1.0 Practice MP.3.122 Requirement:

Mark media with necessary “Controlled Unclassified Information” (CUI) markings and distribution limitations.

CMMC 1.0 MP.3.122 Requirement Explanation:

The term marking refers to applying notices on digital and non-digital media indicating that they contain controlled information. By marking media employees are aware of the security processes and policies associated with handling the data.

Example CMMC 1.0 MP.3.122 Implementation:

Mark any digital media containing CUI with a label reading "controlled". This includes thumb drives, CD's, and hard drives. Mention CUI in your system usage notification notifications (see practice AC.2.005). Mark non-digital media such as papers containing CUI. Post a notice outside of rooms where CUI is stored. Mark containers that hold CUI. Use the "Marking Controlled Unclassified Information" guide released by the national archives as a reference when marking and labeling CUI.

CMMC 1.0 MP.3.122 Scenario(s):

- Scenario 1:

You have several hard drives and thumb rives containing CUI. To indicate that they require additional care when handled you print out a marking reading "controlled" and tape it to the drives.

- Scenario 2:

You have several file cabinets that you want to use to store paperwork containing CUI. To indicate that it contains CUI you mark it with a printout reading " Contains Controlled Unclassified Information".

- Scenario 3:

You are creating a document that will contain CUI. To indicate that it contains CUI you type "Controlled" at the top and bottom of the document.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
Learn More
HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
Learn More
FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
Learn More
ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.
Learn More