Reference: CMMC 2.11
Family: AC
Level Introduced: 2
Title: Remote Access Confidentiality
Practice:
Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.
CMMC Clarification:
A remote access session involves logging in to the organization's network from a remote location such as home or an alternate work site. This remote access session must be secured using FIPS-validated cryptography to provide confidentiality and prevent anyone from capturing session information exchanges.
Example
As the IT administrator for your organization you are responsible for implementing a remote network access capability for users that work offsite. In order to provide session confidentiality, you decide to establish a TLS based Virtual Private Network mechanism. You chose a product that has completed FIPS validation. You require user authentication rather than mutual authentication, but you also set up two factor authentication based on a token passcode and a user PIN before the VPN is established.
Implementation Strategies
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.
NIST 800-171 Requirements (1)
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.
NIST 800-53 Controls (1)
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.