NIST SP 800-171 & CMMC 2.0 Control 3.7.5 Requirement:

Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.

NIST SP 800-171 & CMMC 2.0 3.7.5 Requirement Explanation:

When a person remotely connects to a system to perform maintenance they generally do so with a privileged account. This creates additional risk that can be reduced by requiring multifactor authentication.

Example NIST SP 800-171 & CMMC 2.0 3.7.5 Implementation:

When system administrators connect to your network via a remote VPN connection with their privileged accounts require them to authenticate using multifactor authentication.

NIST SP 800-171 & CMMC 2.0 3.7.5 Scenario(s):

- Scenario 1:

Alice a system administrator needs to connect to her company's file server from home using a VPN connection. Because she is an admin her account is configured to require multifactor authentication when she connects to the VPN.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.