CMMC Practice Requirement:

Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.

CMMC Requirement Explanation:

When a persons remotely connects to a system to conduct maintenance they generally do so with a privileged account. This creates additional risk that can be reduced by requiring multifactor authentication.

Example CMMC Implementation:

When system admins connect to your network via VPN with their privileged accounts require them to authenticate with Multifactor authentication.


- Scenario 1:

Alice a system administrator needs to connect to her company's file server from home using a VPN connection. Because she is an admin her account is configured to require multifactor authentication when she connects to the VPN.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance