“Domain” is a term you come across often when researching the Cybersecurity Maturity Model Certification (CMMC). But what are CMMC domains, exactly? In today’s post, we tell you everything you need to know about this crucial component of the CMMC ecosystem. A Definition of CMMC Domains Cybersecurity Maturity Model Certification (CMMC) domains are groups or…
Regardless of the Cybersecurity Maturity Model Certification (CMMC) level you need to achieve, there are some practices you need to observe. One of these practices is AC.L1-3.1.1, Authorized Access Control. Keep reading to learn more. What Is AC.L1-3.1.1? Let’s start by making sense of the different components of the CMMC practice number: AC indicates that…
Anyone looking to comply with the Cybersecurity Maturity Model Certification (CMMC) needs to be aware of POA&Ms. Keep reading to learn what a POA&M is, why they matter, and how to use them within your compliance strategy. A Basic Definition of POA&M The term POA&M stands for Plan of Actions and Milestones. As the name…
If you are looking into the process of becoming CMMC compliant, you are probably wondering how many CMMC controls you need to comply with. Keep reading to discover the answer and learn more about CMMC. CMMC: The Basics The Cybersecurity Maturity Model Certification is a cybersecurity framework designed by the Department of Defense (DoD) to…
Creating a System Security Plan (SSP) is an essential step toward achieving CMMC compliance. That’s why in today’s post, we provide a detailed overview of SSPs, from a basic definition to what an SSP template looks like. System Security Plan (SSP): A Basic Definition A System Security Plan (or SSP) is a formal document that…
The Cybersecurity Maturity Model Certification (CMMC) practice AC.L2-3.1.3 requires defense contractors to control the flow of Controlled Unclassified Information (CUI). But what does this mean, exactly? Keep reading to learn more about what compliance with this CMMC practice entails. CMMC Practice AC.L2-3.1.3: the Basics According to the CMMC practice AC.L2-3.1.3, “Control CUI Flow,” companies within…
As you navigate your way through the Cybersecurity Maturity Model Certification (CMMC) compliance, you will come across the term “principle of least functionality.” But what does it mean, exactly? In today’s blog post, we give you all the resources you need to understand this key concept. About the Principle of Least Functionality Least functionality is…
Anyone who has ever used an online service such as email or social media is familiar with the term “multifactor authentication.” But is it required as part of the Cybersecurity Maturity Model Certification (CMMC)? In today’s post, we provide all the answers you need. What Is Multifactor Authentication? Multifactor authentication (or MFA for short) is…
When it comes to the Cybersecurity Maturity Model Certification (CMMC), there are many terms you need to be aware of. One of those acronyms is RPO or Registered Provider Organization. Keep reading to take a closer look at this important part of the CMMC ecosystem. About Registered Provider Organizations (RPOs) Before we delve into the…
You may think of the Cybersecurity Maturity Model Certification (CMMC) as a framework that deals exclusively with the technical side of cybersecurity. However, the human factor also plays a role in IT. So, does CMMC require background checks? Keep reading to find out. What Is CMMC? The Cybersecurity Maturity Model Certification is a three-level model…