Business Owner’s Guide to CMMC
Ep 13: Physical Protection
Watch episode 13 of our Business Owner’s Guide to CMMC series with Ben Scully (Avatara) and Dan Langley (Lupa Advisors), or read the transcript below. Stay tuned weekly for new episodes containing actionable insights and an overview of each CMMC domain.
BEN: So, this is another one of those that I I think of as being a less technical category. Let’s talk a little bit about physical protection and what our business owners need to be thinking about.
DAN: Okay, this actually deals with six different controls. Four those are the level one basic things. Are my secure secure. When people come in, do I have them sign into a log? Is that log preserved? Can I go back and say, “Hey, 200 days ago you were breached and you didn’t know it. Could I please see everybody had access to your facility?” You have to be able to report that. Now it doesn’t have to be a fancy system. It could be, “you know what, I have a picture of that logbook for the day stored.” There’s different ways to address this. But it’s about physical security. Can I go to the waiting area and follow in a badge door without having a badge? Can I get access to your facilities, because once I’m inside, I have access to a plethora of information.
Watch Episode 14 on Risk Assessment.
Need help getting compliant?
Avatara’s DoD Platform is a turnkey solution for centralized data and easier compliance. Schedule a free consultation today to learn more.