CMMC 1.0 Practice AC.2.011 Requirement:
Authorize wireless access prior to allowing such connections.
CMMC 1.0 AC.2.011 Requirement Explanation:
WiFi networks pose additional risk because they are easy to access by a wide range of devices and access to them is less restricted by physical location. This risk can be reduced by only allowing authorized devices to connect to wireless networks.
Example CMMC 1.0 AC.2.011 Implementation:
Define the types of devices allowed onto your company's networks and only allow them access to your WiFi. For example you decide to only allow company owned devices onto your WiFi network. You can enforce this policy via a technical control (e.g. Mac address filtering or 802.1X authentication). If you have guests or employees that need to use WiFi you can setup a separate WiFi network for them. Create an acceptable use policy that specifies the usage restrictions for your WiFi network. Think of the acceptable use policy you accept when you access WiFi at a hotel.
CMMC 1.0 AC.2.011 Scenario(s):
- Scenario 1:
A visitor comes to your facility and wants to access the WiFi. You connect him to the guest WiFi network because only your company devices are allowed on the corporate WiFi network.
- Scenario 2:
John, an employee at your company attempts to connect his personal laptop to your WiFi network. Because you have configured 802.1X authentication for your corporate network he is unable to connect his personal device to it.
Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:
Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Supply Chain Verifier
Trust is everything. Verify, monitor, and support subcontactor compliance.