CMMC Practice AC.L2-3.1.14

Route remote access via managed access control points.

Bold Coast Security Guidance

You want to route remote access through as few VPN gateways as possible. Even if you have many offices, you should only have a single, primary VPN connection, and a backup for that connection (if you determine VPN redundancy is required). Be aware that users may attempt to circumvent this control by installing an enabling a third party software which allows a connection directly to their PC, such as LogMeIn, TeamViewer, or GoToMyPC. You must prohibit the use of this software and block it if possible. This can be tricky as often these solutions may also block permitted screen sharing applications popular for virtual meetings.
Security Catapult

Be prepared for CMMC

Our Q&A assessment tool is designed by security advisors for MSPs and DoD contractors of all sizes.

Try now for free

Understand your gaps
Security Catapult

Understand your gaps

See compliance gaps, compliance scores and proactive security tasks in a single interface.

Try now for free

Validate NIST SP 800-171
Security Catapult

Validate NIST SP 800-171

Based on your CMMC answers, we let you know where you stand on NIST.

Try now for free

Build a plan of action
Security Catapult

Build a plan of action

Track your burn down and stay on top of security needs.

Try now for free

Build your policy
Security Catapult

Build your policy

Say goodbye to maintaining a security policy. We do it for you.

Try now for free

Discussion From Source

DRAFT NIST SP 800-171 R2 Routing remote access through managed access control points enhances explicit, organizational control over such connections, reducing the susceptibility to unauthorized access to organizational systems resulting in the unauthorized disclosure of CUI.

References