CMMC 1.0 Practice AC.3.022 Requirement:

Encrypt CUI on mobile devices and mobile computing platforms.

CMMC 1.0 AC.3.022 Requirement Explanation:

Devices such as smart phones, tablets, and laptops can easily be transported. As a result they can not be protected by your facilities physical security controls. By encrypting mobile devices you can protect the confidentiality of CUI stored on them.

Example CMMC 1.0 AC.3.022 Implementation:

Encrypt the hard drives of your company managed smartphones, tablets, and laptops. You can generally use the encryption capability built-into your devices operating systems. An example is using Bitlocker for Windows systems. Makesure that the encryption you use if FIPS 140-2 validated.

CMMC 1.0 AC.3.022 Scenario(s):

- Scenario 1:

Your company wants to protect CUI stored on its laptops. To accomplish this it will enable bitlocker encryption on its laptops.

- Scenario 2:

Your employees like to access your company email (Office 365 Outlook) on their personal smart phones. Their emails often contain CUI. To ensure that the CUI is encrypted you force their personal smart phones to be encrypted before they can setup company email on their phone. You accomplish this through the Office 365 exchange admin panel.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.