NIST SP 800-171 & CMMC 2.0 3.1.18 Requirement:

Control connection of mobile devices.

NIST SP 800-171 & CMMC 2.0 3.1.18 Requirement Explanation:

Mobile devices that don't meet your organization's security requirements can pose security risks. By establishing and enforcing mobile device connections requirements you can help protect CUI on mobile devices.

Example NIST SP 800-171 & CMMC 2.0 3.1.18 Implementation:

Mobile devices generally refer to smart phones and tablets. Document a set of requirements that mobile devices need to meet before they are used to process, store, or transmit CUI. Use a mobile device management (MDM) system to enforce your mobile device security requirements. This can be accomplished using Active Sync settings in the Micrososft 365 Exchange Admin Center.

NIST SP 800-171 & CMMC 2.0 3.1.18 Scenario(s):

- Scenario 1:

A user wants to use corporate email on his phone. When he downloads the Outlook app onto his phone and tries to sign into his email he gets a message requiring him to enable encryption and a pin code for his phone. This is because the company has required those settings in the Microosoft 365 exchange admin portal.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.