NIST SP 800-171 & CMMC 2.0 Control 3.13.4 Requirement:

Prevent unauthorized and unintended information transfer via shared system resources.

NIST SP 800-171 & CMMC 2.0 3.13.4 Requirement Explanation:

The control of information in shared resources is commonly referred to as object reuse and residual information protection. This requirement prevents information produced by the actions of prior users from being available to any current users/roles.

Example NIST SP 800-171 & CMMC 2.0 3.13.4 Implementation:

Before deploying an operating system to your environment check the Common Criteria website to determine if it is certified. Check to see if it has "object reuse and residual information protection" controls in place. Most popular operating systems are certified and have object reuse controls. Examples include Red Hat Enterprise Linux and Windows 10.

NIST SP 800-171 & CMMC 2.0 3.13.4 Scenario(s):

- Scenario 1:

A system administrator wants to use an obscure version of the Linux operating system to setup a server. You search the common criteria website to see if the operating system is certified. Upon discovering that it isn't you instruct the system admin to select a certified operating system for the project.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.