What are NIST SP 800-171 and CMMC Malicious Code Protection Requirements?

By: Omer Kaan Aslim
October 27, 2021
In this post, we will discuss how to meet your NIST SP 800-171 and CMMC malicious code protection requirements.

What is Malicious Code and Anti-Malware Software?

Malicious code is software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system.
Anti-malware software is used to protect a system, such as a laptop or server, from malicious code. Anti-malware software vendors include Malwarebytes, Defender, and Norton.

What are the NIST SP 800-171 & CMMC Malicious Code Protection Requirements?

Malicious Code Protection
NIST SP 800-171 3.14.2 & CMMC SI.1.211: "Provide protection from malicious code at appropriate locations within organizational information systems."
To meet this requirement, you need to install anti-malware software on your laptops, desktops, and servers. If you provide smartphones or tablets to your employees, you should install anti-malware software on them as well. You should also configure your email gateway to block emails containing malware.
NIST SP 800-171 3.14.4 & CMMC SI.1.212: "Update malicious code protection mechanisms when new releases are available."
To meet this requirement, you need to configure your anti-malware solution to update its signature database when a new release is available. Some solutions receive signature database updates automatically; others may be configured to check for them periodically (e.g., hourly or daily).
NIST SP 800-171 3.14.5 & CMMC SI.1.213: "Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed."
To meet this requirement, you need to configure your anti-malware solution to perform periodic scans of your systems. This can take the form of a daily quick scan combined with a weekly full scan; it is up to you to set the frequency. You also need to configure your anti-malware solution to perform real-time scans. According to the anti-malware software vendor McAfee, “Real-time scanning checks files for viruses each time you or your PC accesses them.” Most anti-malware solutions have this capability; you need to ensure that it is activated.
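
The three requirements above can be checked on a Windows host that uses Microsoft Defender Antivirus with the script below. It is an added example, not part of the original post; the age thresholds are assumptions based on the daily quick scan, weekly full scan, and daily update check mentioned above, and New-Check is a helper name made up for this example.

```powershell
# Added example: collects evidence for 3.14.2, 3.14.4 and 3.14.5 from
# Microsoft Defender Antivirus. Thresholds are assumptions; set them to the
# frequencies written in your own policy.
param(
    [int]$MaxSignatureAgeDays = 1,   # assumption: signatures refreshed at least daily
    [int]$MaxQuickScanAgeDays = 1,   # assumption: daily quick scan
    [int]$MaxFullScanAgeDays  = 7    # assumption: weekly full scan
)

# Hypothetical helper: one row of the evidence table.
function New-Check($Requirement, $Check, $Observed, [bool]$Pass) {
    [pscustomobject]@{
        Requirement = $Requirement
        Check       = $Check
        Observed    = $Observed
        Pass        = $Pass
    }
}

$s = Get-MpComputerStatus   # cmdlet from the built-in Defender module

$checks = @(
    # 3.14.2: protection from malicious code is present and running
    New-Check '3.14.2' 'Antivirus engine enabled' $s.AntivirusEnabled $s.AntivirusEnabled

    # 3.14.4: protection mechanisms are kept up to date
    New-Check '3.14.4' 'Signature age (days)' $s.AntivirusSignatureAge `
        ($s.AntivirusSignatureAge -le $MaxSignatureAgeDays)

    # 3.14.5: periodic scans (a scan that never ran reports a very large age and fails)
    New-Check '3.14.5' 'Quick scan age (days)' $s.QuickScanAge `
        ($s.QuickScanAge -le $MaxQuickScanAgeDays)
    New-Check '3.14.5' 'Full scan age (days)' $s.FullScanAge `
        ($s.FullScanAge -le $MaxFullScanAgeDays)

    # 3.14.5: real-time scans as files are downloaded, opened, or executed
    New-Check '3.14.5' 'Real-time protection enabled' $s.RealTimeProtectionEnabled `
        $s.RealTimeProtectionEnabled
    New-Check '3.14.5' 'Scanning of downloads and attachments enabled' `
        $s.IoavProtectionEnabled $s.IoavProtectionEnabled
)

$checks | Format-Table -AutoSize

# A non-zero exit code lets a scheduled task or management tool flag the host.
if ($checks.Pass -contains $false) { exit 1 }
```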
 
 
 
