CMMC 1.0 Practice IA.3.086 Requirement:

Disable identifiers after a defined period of inactivity.

CMMC 1.0 IA.3.086 Requirement Explanation:

Accounts that have not been logged into for a certain period of time (90 days) may no longer be needed. Leaving them open increases your attack surface, as a result, all accounts that have been inactive for a defined period should be disabled.

Example CMMC 1.0 IA.3.086 Implementation:

Create a policy requiring you to disable accounts after a period of inactivity (e.g., 90 days) . You can manually do this however in a large organizations with hundreds or thousands of accounts use of an automated tool may be justified. If you use active directory to manage your user accounts you can create a script to automatically disable inactive accounts.

CMMC 1.0 IA.3.086 Scenario(s):

- Scenario 1:

Your company policy requires that accounts that are inactive for 90 days must be disabled. To enforce this policy you write a script automatically disabling inactive user accounts.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.