CMMC Practice Requirement:

Protect and monitor the physical facility and support infrastructure for organizational systems.

CMMC Requirement Explanation:

By limiting access to your facility and monitoring it with security cameras you can reduce the risk of security incidents. Ensuring that the physical infrastructure supporting your IT systems is protected is critical to keeping your IT systems functioning.

Example CMMC Implementation:

Ensure that the electrical closet or cabinet in your office is locked. Try to run power and network cables in a manner that reduces the risk of them being unplugged. Ensure that your server room is locked and your facility entrances are locked. Use surveillance cameras to monitor your facility.


- Scenario 1:

Your company needs to monitor its facilities. Security guards are too expensive and sensor devices can't capture images. You decide to deploy surveillance cameras to monitor your facilities.

- Scenario 2:

Your server room contains important network devices and electrical power controls. These are the back bone of your IT systems. To better protect them you ensure that only a few individuals can access the room and always keep it locked.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance