CMMC protection from malicious code

What are Your CMMC Antivirus Requirements?

By: Omer Kaan Aslim
October 15, 2020
Companies with CMMC requirements will need to deploy antivirus software to their systems. Here is how to configure your antivirus software to meet your Cybersecurity Maturity Model Certification (CMMC) requirements.

CMMC Antivirus Requirements

Several CMMC practices explicitly relate to using antivirus software to protect your systems. These practices are SI.1.211, SI.1.212, and SI.1.213.
SI.1.211 Provide protection from malicious code at appropriate locations within organizational information systems.
SI.1.212 Update malicious code protection mechanisms when new releases are available.
SI.1.213 Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.

How to Meet These CMMC Requirements

You need to install antivirus software on your endpoints and servers (appropriate locations). You need to set your antivirus software to automatically update its signature database when an update is available.
You need to configure your antivirus to automatically run periodic scans (e.g., once a week on Fridays or daily). There is no specific requirement to run weekly or daily scans; you are only required to run them periodically.
Your antivirus needs to be capable of automatically scanning files when they are downloaded from the internet. So when you download a file from a website using your browser, your antivirus software needs to scan it automatically. Unknown files also need to be scanned before they are opened (e.g., a Microsoft Word document) or executed (e.g., an exe file).
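
One way to check an endpoint against the three practices above. This is an added example, not part of the original article, and it assumes the endpoint runs Microsoft Defender Antivirus (queried with `Get-MpComputerStatus`); the two age thresholds are assumptions you should replace with your own policy values.

```powershell
# Added example. Assumes Microsoft Defender Antivirus and its Defender module.
# Both thresholds are organization-chosen assumptions; CMMC only says "periodic".
param(
    [int]$MaxSignatureAgeDays = 3,
    [int]$MaxScanAgeDays      = 7
)

$s = Get-MpComputerStatus

# Age in days of the most recent quick or full scan. A scan type that has
# never run reports a very large age, so the minimum is the newest scan.
$lastScanAge = [Math]::Min([uint32]$s.QuickScanAge, [uint32]$s.FullScanAge)

$results = @(
    # SI.1.211: protection is present and running on this system
    [pscustomobject]@{ Practice = 'SI.1.211'; Check = 'Antivirus engine enabled'
                       Pass = [bool]$s.AntivirusEnabled }

    # SI.1.212: signature database is being updated
    [pscustomobject]@{ Practice = 'SI.1.212'
                       Check = "Signatures no older than $MaxSignatureAgeDays days"
                       Pass = ($s.AntivirusSignatureAge -le $MaxSignatureAgeDays) }

    # SI.1.213: periodic scans are actually completing
    [pscustomobject]@{ Practice = 'SI.1.213'
                       Check = "A scan completed within $MaxScanAgeDays days"
                       Pass = ($lastScanAge -le $MaxScanAgeDays) }

    # SI.1.213: real-time scanning as files are downloaded, opened, or executed
    [pscustomobject]@{ Practice = 'SI.1.213'; Check = 'Real-time protection enabled'
                       Pass = [bool]$s.RealTimeProtectionEnabled }
    [pscustomobject]@{ Practice = 'SI.1.213'; Check = 'Downloaded files scanned'
                       Pass = [bool]$s.IoavProtectionEnabled }
    [pscustomobject]@{ Practice = 'SI.1.213'; Check = 'On-access scanning enabled'
                       Pass = [bool]$s.OnAccessProtectionEnabled }
)

$results | Format-Table -AutoSize

# A non-zero exit code lets a management tool flag the endpoint for follow-up.
if ($results.Pass -contains $false) { exit 1 }
```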

Additional Recommendations

If financially feasible, it is recommended that you use antivirus software that can be centrally managed. This means that you can install the antivirus software on your systems and deploy the same settings to all of them, preventing users from changing the settings. This also reduces the workload on your personnel, as they don't have to configure each system manually.
Do not allow your users to change the settings on their antivirus software. They may turn off features (e.g., periodic scanning) that are important for meeting your CMMC compliance goals.
Another important tip is to avoid using non-U.S. antivirus software. The U.S. government has already cracked down on several, including Kaspersky.