CMMC 1.0 Practice SC.2.178 Requirement:
Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device.
CMMC 1.0 SC.2.178 Requirement Explanation:
Collaborative computing devices include smart boards, cameras systems, and microphones. This includes cameras and microphones built into laptops. These devices often have the capability of being activated remotely and can capture sensitive information. By disabling this you can reduce the risk of an attacker gaining access to a system and listening into conversations.
Example CMMC 1.0 SC.2.178 Implementation:
If you have a smart board in your office make sure that it indicates (e.g. an on light indicator) when it's camera or microphone is active. The same applies to microphones in conference rooms, they should indicate when they are active. If your devices don't indicate when they are active then hang up a paper stating that microphones may be active. If you have workstations with cameras and microphones configured them to indicate when the camera or microphone is in use. This is often indicated by a small light next to a laptop's camera. Where possible, prevent cameras and microphones from being activated remotely. Using RDP, you can remote into a Windows systems and use the microphone. Disable this feature using group policy.
CMMC 1.0 SC.2.178 Scenario(s):
- Scenario 1:
You want to prevent the remote activation of microphones on your systems. To accomplish this you use group policy to prevent RDP sessions from allowing audio recordings.
Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:
Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Supply Chain Verifier
Trust is everything. Verify, monitor, and support subcontactor compliance.