CMMC Practice Requirement:
Protect wireless access using authentication and encryption.
CMMC Requirement Explanation:
By using authentication and encryption to protect your WiFi networks you prevent unauthorized persons from accessing your network. This prevents attackers from easily sniffing your WiFi traffic or accessing your network resources.
Example CMMC Implementation:
Require users to authenticate to your wireless networks before joining them. You can accomplish this using a WiFi password with the WPA2 pre-shared key configuration . Another method is to use WPA2 Enterprise with Active Directory.
- Scenario 1:
Your company has a small office with 15 employees. To protect it's WiFi network you setup WPA2 with a pre-shared key on your WiFi. The pre shared key is a password you enter on your employee's computers so that they can connect to the WiFi.
- Scenario 2:
Your company has over 50 employees at its office. You decide to setup WPA2 Enterprise with your Active Directory server. Employees are automatically authenticated to the network on their work computers without having to use a separate password to get on the network.
Discover Our NIST SP 800-171 Solutions:
For contractors seeking compliance
For IT service providers
Supply Chain Verifier
For contractors seeking to verify partner compliance