Request a Demo
Request a Demo
  • Home
  • AC.L2-3.1.12[a]: Identify Every Remote Access Path Into Your Environment

AC.L2-3.1.12[a]: Identify Every Remote Access Path Into Your Environment

Mapped to NIST 800-171 Requirement: 3.1.12
CMMC Assessment Objective: AC.L2-3.1.12[a]

What This Objective Means
Before you can control remote access, you must first identify every way it occurs. This includes both user-initiated and system-based remote access paths such as:
• VPN connections
• Remote Desktop Protocol (RDP)
• Secure shell (SSH)
• Cloud console access (e.g., AWS, Azure)
• Web-based remote apps
• Remote support tools (e.g., GoToAssist, TeamViewer)
• Mobile device connections
This objective ensures you understand the full attack surface related to remote access.

Why It Matters
Untracked or undocumented remote access:
• Increases the risk of unauthorized entry
• Makes it harder to detect compromise
• Violates compliance standards
Remote access is one of the most common entry points for attackers—so it must be tightly controlled, starting with visibility.

How to Implement It
• Perform a network and system audit to inventory all remote access capabilities
• Interview IT, security, and third-party vendors to capture all tools in use
• Document:
◦ Tool or service name
◦ Purpose and scope
◦ User groups allowed access
◦ Security controls applied (e.g., MFA, encryption)
• Store this list in your SSP or access control documentation
• Update it regularly as tools or access methods change

Evidence the Assessor Will Look For
• A documented inventory of remote access types
• System or firewall rules that show remote services in use
• Vendor or service agreements for third-party remote access
• Screenshots or diagrams illustrating remote entry points

Common Gaps
• Shadow IT tools (e.g., remote support apps) not documented or managed
• VPN documented, but cloud console or SaaS access overlooked
• No formal inventory of remote access methods tied to CUI systems

How Cuick Trac Helps
Cuick Trac helps simplify this requirement by:
• Minimizing remote access exposure through centralized secure enclave access
• Providing a documented list of approved remote access paths by default
• Supporting real-time monitoring of remote connections
• Helping organizations eliminate or document third-party remote access with audit-ready clarity
With Cuick Trac, your remote access landscape is controlled and visible from day one.

Final CTA
You can’t protect what you haven’t identified.
Schedule a Cuick Trac demo and take full control of remote access to your CUI environment.

AC.L2-3.1.22[c]: Verify System Use Messages Are Displayed Before Login

AC.L2-3.1.22[d]: Confirm That Login Banner Content Meets Compliance Requirements

🍪 We Use Cookies

To enhance your experience and analyze site usage, we use cookies. By continuing to use our site, you agree to our use of cookies in accordance with our Privacy Policy.

Accept