NIST SP 800-171 & CMMC 2.0 3.1.3 Requirement:
Control the flow of CUI in accordance with approved authorizations.
NIST SP 800-171 & CMMC 2.0 3.1.3 Requirement Explanation:
By placing a firewall or other proxy between your network and the internet you prevent direct access to your systems from the internet. You can also prevent certain types of information from exiting your network. Employees must take special care when sending CUI over an external network. CUI should only be sent in encrypted form.
Example NIST SP 800-171 & CMMC 2.0 3.1.3 Implementation:
Use a firewall to control traffic entering and exiting your network. Configure firewall rules that limit traffic to specific ports. Instruct employees that they may only email, transfer, or share CUI in ecrypted form. They can do this using encrypted email (S/MIME), SFTP file transfer, or by sharing links to a secure cloud storage location.
NIST SP 800-171 & CMMC 2.0 3.1.3 Scenario(s):
- Scenario 1:
You setup a firewall on your network. This prevents traffic external traffic from directly accessing your internal network. Your firewall analyzes traffic and only allows authorized traffic into the network.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.