12 March – COVID-19 – Updated Information/Resources and Clarifying Information for Your Business

  • Posted by Mark Lupo
  • On March 12, 2020
With the COVID-19 disease continuing to spread, you and your team will be seeking additional information to help clarify the decisions that need to be made going forward.  Here are some links/resources and additional information that may prove helpful in the days and weeks ahead. As of this morning, the Coronavirus COVID-19 Global Cases by the […]
Read More
 1

9 Mar 2020 – COVID-19 Progression and Next Steps

  • Posted by Mark Lupo
  • On March 9, 2020
By now, we are all pretty much aware of the spread of COVID-19 across the world (and more and more within the U.S. and within Georgia).  Containment measure so far have not stopped the spread of the disease and it continues to expand in multiple areas around the nation.  As the number of tests conducted […]
Read More
 1

CMMC V1.0 – AC.1.004 – Control Information Posted or Processed on Publicly Accessible Information Systems

  • Posted by Mark Lupo
  • On February 27, 2020
The fourth Practice required to be implemented under CMMC V1.0 within your information security plans, also falls under the Capability, Limit data access to authorized users and processes (C004).  This Practice is titled, Control Information Posted or Processed on Publicly Accessible Information Systems (and is found on Pg 52 of the Appendix B PDF or […]
Read More
 1

Coronavirus (COVID-19) Updates and Resources – 27 Feb 2020

  • Posted by Mark Lupo
  • On February 27, 2020
With all of the information floating around about the novel coronavirus (now named COVID-19), here is some recent information available and links to relevant sites that you may want to bookmark for the most accurate and updated information. First, when compared to influenza for the 2019-2020 season, the prevalence of COVID-19 pales in comparison:  As […]
Read More
 1

CMMC V1.0 – AC.1.003 – Verify, Control and Limit Connections to, and Use of, External Information Systems.

  • Posted by Mark Lupo
  • On February 24, 2020
The third Practice required to be implemented under CMMC V1.0 within your information security plans, falls under the capability, Limit data access to authorized users and processes (C004).  This capability has similarities to the previous one discussed, Control internal system access (C002), and differs only that the expectations within AC.1.003 relate to limiting access to […]
Read More
 1

CMMC V1.0 – Level 1 Compliance – AC.1.002 – Limiting System Access to Types of Transactions

  • Posted by Mark Lupo
  • On February 18, 2020
In this and succeeding entries, we will review one or two Practices per article, focusing on the description of the practice and the clarifying statement and examples provided within Appendix B of CMMC V 1.0.  The second practice required to achieve Level 1 compliance under the CMMC standard falls under the second capability, Control internal […]
Read More
 1