CMMC Practice Requirement:

Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.

CMMC Requirement Explanation:

Remote access sessions refer to remote VPN connections. By using TLS you can encrypt the connection thus ensuring confidentiality.

Example CMMC Implementation:

Protect your VPN connections using TLS encryption. Ensure that the encryption you use is FIPS compliant.


- Scenario 1:

Your company enables TLS encryption for its remote VPN connections.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance