CMMC 1.0 Practice CM.2.063 Requirement:

Control and monitor user-installed software.

CMMC 1.0 CM.2.063 Requirement Explanation:

Allowing users to install software on their systems increases cyber risk. They can accidentally install malware on their systems and the more software you have on your systems the larger your attack surface. It is is also difficult to keep unapproved software updated which can result in increased risk.

Example CMMC 1.0 CM.2.063 Implementation:

Do not provide your end users with administrative privileges as this allows them to install any software they wish. Uninstall any software from your systems that does not have an approved business need.

CMMC 1.0 CM.2.063 Scenario(s):

- Scenario 1:

John, an end user attempts to install a game onto his company workstation. He is prompted for an admin password. Because he is not an admin he is unable to install the game. John asks Alice, a system administrator to install it. She informs him that only approved software may be installed.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

/assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Become Compliant
/assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Provide Services
/assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.
Verify Subcontactors