CMMC Mapping
The CMMC framework consists of five levels – Level 1 through 5 – where cybersecurity requirements become more advanced as you increase up the levels. Level 1, considered “basic cybersecurity”, is expected to entail a small subset of NIST 800-171-based data controls and other “best practices”. Levels 2 and 3 provide a closer approximation of what is required by NIST SP 800-171 and DFARS 252.204-7012. The mid-levels will encompass all rev 1 controls under 800-171 as well as other practices outside the CUI protection scope. Level 5 of the CMMC is the most advanced cybersecurity practices within the perimeter of CUI protection. Additional controls may include 24/7 SOC, network segmentation, real-time asset tracking, and initial response actions.
Level 1 Asset Control
Level
1
1
1
1
ID
AC.1.001
AC.1.002
AC.1.003
AC.1.004
Applies to Mobility
X
X
X
X
SyncDog Compliance
SyncDog offers out of the box functionality to accurately identify the end user and to control and administer system access rights based on the profile and entitlements of that user
SyncDog offers out of the box functionality to accurately identify the end user and to control and administer transaction and function rights based on the profile and entitlements of that user
SyncDog's MDM module has the ability to control and limit access to apps and other external information systems. A more advanced solution is also availalbe where the SyncDog Trusted workspace can control and isolate data and applications being accessed for work purposes, and completely separates and protects them from data and applications being accessed for personal use - and the malware that often comes with them. This elimates the concerns of what other apps might reside on a particular device and opens the possibilities of employees securely using personal devices for work purposes. Our DLP and Data integrity capabilities are the hallmark of our solution.
SyncDog offers out of the box functionality that can prevent copy/paste functions. Our solutions also offer the ability to classify data, documents and files as "read only" to prevent any additional actions or reposts of that information.
Description
Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
Verify and control/limit connections to and use of external information systems.
Control information posted or processed on publicly accessible information systems.
NIST 800-171 Reference Pointers
3.1.1
3.1.2
3.1.20
3.1.22
Level 2 Asset Control
Level
2
2
2
2
2
2
2
2
2
2
2
2
ID
AC.2.005
AC.2.006
AC.2.007
AC.2.008
AC.2.009
AC.2.010
AC.2.011
AC.2.013
AC.2.015
AC.2.016
AC.2.998
AC.2.999
Applies to Mobility
X
X
X
X
x
X
X
X
X
X
X
X
SyncDog Compliance
Out of the box functionality
Out of the box functionality
The SyncDog solution was purpose built to easily address the varying needs of differing roles, titles, security functions and privileged accounts from within the admin console. Privileges are are easily established and enforced based on the specific and minimal needs to fulfill the duties of the job all withing a "single plane of glass" where all customers
Out of the box functionality
Out of the box functionality
SyncDog's trusted mobile workspace ensures all data that flows over such connections is encrypted at all times effectively removing all concerns about how the device is connecting.
Out of the box functionality
Out of the box functionality
SyncDog offers out of the box functionality to accurately identify the end user and to control the flow of CUI based on the profile and entitlements of that user.
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Provide privacy and security notices consistent with applicable CUI rules.
Limit use of portable storage devices on external systems.
Employ the principle of least privilege, including for specific security functions and privileged accounts.
Use non-privileged accounts or roles when accessing nonsecurity functions.
Limit unsuccessful logon attempts.
Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity.
Authorize wireless access prior to allowing such connections.
Monitor and control remote access sessions.
Route remote access via managed access control points.
Control the flow of CUI in accordance with approved authorizations.
Document the CMMC practices to implement the Access Control policy.
Establish a policy that includes Access Control.
NIST 800-171 Reference Pointers
3.1.9
3.1.21
3.1.5
3.1.6
3.1.8
3.1.10
3.1.16
3.1.12
3.1.14
3.1.3
Level 3 Access Control
Level
3
3
3
3
3
3
3
3
3
ID
AC.3.012
AC.3.014
AC.3.017
AC.3.018
AC.3.019
AC.3.020
AC.3.021
AC.3.022
AC.3.997
Applies to Mobility
X
X
X
X
X
X
X
X
SyncDog Compliance
SyncDog's trusted mobile workspace alleviates concerns on how the device is connected by ensuring all data that flows over such connections is encrypted at all times using Validated FiPS Certified 256 bit encryption
SyncDog uses Validated FiPS 140-2 Certified 256 bit encryption to secure all information being accessed through our solution while in transit and while at rest
SyncDog offers out of the box functionality to accurately identify the end user to reduce the risk of malevolent behavior by separating the duties of individuals based on the profile and entitlements of that user.
SyncDog uses profiles and entitlements to identify and administer rights and priviledges of every user. The solution tracks and audits all access and usage of data and files, execution of functions, and login and access attempts to the solution itself.
Out of the box functionality
SyncDog's Trusted Mobile Workspace enables fully secure access from mobile devices by using Validated FiPS 140-2 Certified 256 bit enryption while assigning and incorporating profiles and entitlements to identify rights and priviledges of every authorized mobile user.
SyncDog allows administrators to remotely lock or wipe container data. SyncDog's Trusted Mobile Workspace also supports automatic data wipe "timebomb" policies, and can remotely report on device security vulnerabilities via in-app scanning tools that automatically sync vulnerability data to administrators.
SyncDog's Trusted Mobile Workspace creates fully secure access from mobile devices and endpoints by using Validated FiPS 140-2 Certified 256 bit enryption while assigning and incorporating profiles and entitlements to identify rights and priviledges of every mobile user. Our Data Loss Protection (DLP) and Data integrity capabilities are the hallmark of our solution.
Description
Protect wireless access using authentication and encryption.
Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.
Separate the duties of individuals to reduce the risk of malevolent activity without collusion.
Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs.
Terminate (automatically) user sessions after a defined condition.
Control connection of mobile devices.
Authorize remote execution of privileged commands and remote access to security-relevant information.
Encrypt CUI on mobile devices and mobile computing platforms.
Establish, maintain, and resource a plan that includes Access Control.
NIST 800-171 Reference Pointers
3.1.17
3.1.13
3.1.4
3.1.7
3.1.11
3.1.18
3.1.15
3.1.19
Level 4 Access Control
Level
4
4
4
4
ID
AC.4.023
AC.4.025
AC.4.032
AC.4.996
Applies to Mobility
X
X
X
SyncDog Compliance
SyncDog's Trusted Mobile Workspace on-premise solution allows administrators to deploy server infrastructure to ensure device access to internal domain resources is controlled end-to-end.
When pertaining to mobility, SyncDog can control permissable data between applications on mobile devices based on the access rights of a given user
Out of the box functionality where SyncDog is purpose built to control access rights based on roles, titles, privileges, location, time criteria, and the like.
Description
Control information flows between security domains on connected systems.
Periodically review and update CUI program access permissions.
Restrict remote network access based on organizationally defined risk factors such as time of day, location of access, physical location, network connection state, and measured properties of the current user and role.
Review and measure Access Control activities for effectiveness.
NIST 800-171 Reference Pointers
3.1.3e (800-171B)
Level 5 Access Control
Level
5
5
ID
AC.5.024
AC.5.995
Applies to Mobility
X
SyncDog Compliance
Out of the box functionality whre SyncDog uses Mobile Threat Defense capabilities to identify vulnerabilities and our containerization solution mitigates the risk by encrypting all the data to prevent unauthorized access
Description
Identify and mitigate risk associated with unidentified wireless access points connected to the network.
Standardize and optimize a documented approach for Access Control across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Asset Management (AM)
Level
2
2
ID
AM.2.998
AM.2.999
Applies to Mobility
SyncDog Compliance
Description
Document the CMMC practices to implement the Asset Management policy.
Establish a policy that includes Asset Management.
NIST 800-171 Reference Pointers
Level 3 Asset Management (AM)
Level
3
3
ID
AM.3.036
AM.3.997
Applies to Mobility
X
SyncDog Compliance
Define procedures for the handling of CUI data.
Establish, maintain, and resource a plan that includes Asset Management.
Description
Document the CMMC practices to implement the Asset Management policy.
Establish a policy that includes Asset Management.
NIST 800-171 Reference Pointers
Level 4 Asset Management (AM)
Level
4
4
ID
AM.4.226
AM.4.996
Applies to Mobility
X
SyncDog Compliance
Out of the box functionality
Description
Employ a capability to discover and identify systems with specific component attributes (e.g., firmware level, OS type) within your inventory.
Review and measure Asset Management activities for effectiveness.
NIST 800-171 Reference Pointers
3.4.3e (800-171B)
Level 5 Asset Management (AM)
Level
5
ID
AM.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Asset Management across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Audit and Accountability (AU)
Level
2
2
2
2
2
2
ID
AU.2.041
AU.2.042
AU.2.043
AU.2.044
AU.2.998
AU.2.999
Applies to Mobility
X
X
X
X
SyncDog Compliance
Out of the box functionality where SyncDog offers detailed device audit logs for all user and device activity
Out of the box functionality where SyncDog offers detailed device audit logs for all user and device activity
SyncDog offers a tamper proof time mechanism to prevent manipulation of time stamps and similar annotations
SyncDog allows administrators to view logs on user activities within the continer including synchronization events and GPS locations
Description
Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions.
Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.
Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.
Review audit logs.
Document the CMMC practices to implement the Audit and Accountability policy.
Establish a policy that includes Audit and Accountability.
NIST 800-171 Reference Pointers
3.3.2
3.3.1
3.3.7
Level 3 Audit and Accountability (AU)
Level
3
3
3
3
3
3
3
3
ID
AU.3.045
AU.3.046
AU.3.048
AU.3.049
AU.3.050
AU.3.051
AU.3.052
AU.3.997
Applies to Mobility
X
X
X
X
SyncDog Compliance
SyncDog provides many system alerts to provide adminsitrators with information on system health or failures
Out of the box functionality
Out of the box functionality
Out of the box functionality
Description
Review and update logged events.
Alert in the event of an audit logging process failure.
Collect audit information (e.g., logs) into one or more central repositories.
Protect audit information and audit logging tools from unauthorized access, modification, and deletion.
Limit management of audit logging functionality to a subset of privileged users.
Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.
Provide audit record reduction and report generation to support on-demand analysis and reporting.
Establish, maintain, and resource a plan that includes Audit and Accountability.
NIST 800-171 Reference Pointers
3.3.3
3.3.4
3.3.8
3.3.9
3.3.5
3.3.6
Level 4 Audit and Accountability (AU)
Level
4
4
4
ID
AU.4.053
AU.4.054
AU.4.996
Applies to Mobility
X
SyncDog Compliance
SyncDog provides many levels of auditing/logging for both network level and device level activity
Description
Automate analysis of audit logs to identify and act on critical indicators (TTPs) and/or organizationally defined suspicious activity.
Review audit information for broad activity in addition to per-machine activity.
Review and measure Audit and Accountability activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Audit and Accountability (AU)
Level
5
5
ID
AU.5.055
AU.5.995
Applies to Mobility
X
SyncDog Compliance
Auditing is a core system Service with SyncDog
Description
Identify assets not reporting audit logs and assure appropriate organizationally defined systems are logging.
Standardize and optimize a documented approach for Audit and Accountability across all applicable organizational units.
NIST 800-171 Reference Pointers
6.2
Level 2 Awareness and Training (AT)
Level
2
2
2
2
ID
AT.2.056
AT.2.057
AT.2.998
AT.2.999
Applies to Mobility
X
X
SyncDog Compliance
SyncDog is easily incorporated in these corporate policies, practices and procedures
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Ensure that managers, system administrators, and users of organizational systems are made aware of the security risks associated with their activities and of the applicable policies, standards, and procedures related to the security of those systems.
Ensure that personnel are trained to carry out their assigned information security-related duties and responsibilities.
Document the CMMC practices to implement the Awareness and Training policy.
Establish a policy that includes Awareness and Training.
NIST 800-171 Reference Pointers
3.2.1
3.2.2
Level 3 Awareness and Training (AT)
Level
3
3
ID
AT.3.058
AT.3.997
Applies to Mobility
SyncDog Compliance
Description
Provide security awareness training on recognizing and reporting potential indicators of insider threat.
Establish, maintain, and resource a plan that includes Awareness and Training.
NIST 800-171 Reference Pointers
3.2.3
Level 4 Awareness and Training (AT)
Level
4
4
4
ID
AT.4.059
AT.4.060
AT.4.996
Applies to Mobility
SyncDog Compliance
Description
Provide awareness training focused on recognizing and responding to threats from social engineering, advanced persistent threat actors, breaches, and suspicious behaviors; update the training at least annually or when there are significant changes to the threat.
Include practical exercises in awareness training that are aligned with current threat scenarios and provide feedback to individuals involved in the training.
Review and measure Awareness and Training activities for effectiveness.
NIST 800-171 Reference Pointers
3.2.1e (800-171B)
3.2.2e (800-171B)
Level 5 Awareness and Training (AT)
Level
5
ID
AT.5.995
Applies to Mobility
X
SyncDog Compliance
A SyncDog on-premise deployment simplifies standardization and training because a single, unified solution can be used to manage both server and devices
Description
Standardize and optimize a documented approach for Awareness and Training across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Configuration Management (CM)
Level
2
2
2
2
2
2
2
2
ID
CM.2.061
CM.2.062
CM.2.063
CM.2.064
CM.2.065
CM.2.066
CM.2.998
CM.2.999
Applies to Mobility
X
X
X
X
X
X
SyncDog Compliance
Out of the box functionality
SyncDog's access management capabilities, based on roles and profiles, offers granular control of access rights to data, apps and devices
Out of the box functionality
SyncDog is easily incorporated in these corporate policies, practices and procedures
SyncDog incorporates logging into its core components, and provides support for different user permission levels and a wide variety of policy configurations to control access to organizational systems.
Policy changes within the SyncDog platform can be easily implemented using staging environment network infrastructure and devices, in order to test implementation impacts prior to live deployment
Description
Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.
Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.
Control and monitor user-installed software.
Establish and enforce security configuration settings for information technology products employed in organizational systems.
Track, review, approve, or disapprove, and log changes to organizational systems.
Analyze the security impact of changes prior to implementation.
Document the CMMC practices to implement the Configuration Management policy.
Establish a policy that includes Configuration Management.
NIST 800-171 Reference Pointers
3.4.1
3.4.6
3.4.9
3.4.2
3.4.3
3.4.4
Level 3 Configuration Management (CM)
Level
3
3
3
3
ID
CM.3.067
CM.3.068
CM.3.069
CM.3.997
Applies to Mobility
X
X
SyncDog Compliance
SyncDog's access management capabilities, based on roles and profiles, offers granular control of access rights to data, apps, devices and other functions and services
Out of the box functionality
Description
Define, document, approve, and enforce physical and logical access restrictions associated with changes to organizational systems.
Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.
Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or denyall, permit-by-exception (whitelisting) policy to allow the execution of authorized software.
Establish, maintain, and resource a plan that includes Configuration Management.
NIST 800-171 Reference Pointers
3.4.5
3.4.7
3.4.8
Level 4 Configuration Management (CM)
Level
4
4
ID
CM.4.073
CM.4.996
Applies to Mobility
X
SyncDog Compliance
Out of the box functionality
Description
Employ application whitelisting and an application vetting process for systems identified by the organization.
Review and measure Configuration Management activities for effectiveness.
NIST 800-171 Reference Pointers
3.4.8
Level 5 Configuration Management (CM)
Level
5
5
ID
CM.5.074
CM.5.995
Applies to Mobility
X
X
SyncDog Compliance
SyncDog is a Validated Fips 140-2 Certified encryption solution
A SyncDog on-premise deployment simplifies standardization for configuration management, because a single, unified solution can be used to manage both server and devices
Description
Verify the integrity and correctness of security critical or essential software as defined by the organization (e.g., roots of trust, formal verification, or cryptographic signatures).
Standardize and optimize a documented approach for Configuration Management across all applicable organizational units.
NIST 800-171 Reference Pointers
3.14.1e (800-171B)
Level 1 Identification and Authentication (IA)
Level
1
1
ID
IA.1.076
IA.1.077
Applies to Mobility
X
SyncDog Compliance
SyncDog offers out of the box functionality to accurately identify the end user and to control and administer access rights based on the profile and entitlements of that user
Description
Identify information system users, processes acting on behalf of users, or devices.
Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
NIST 800-171 Reference Pointers
3.5.1
3.5.2
Level 2 Identification and Authentication (IA)
Level
2
2
2
2
2
2
2
ID
IA.2.078
IA.2.079
IA.2.080
IA.2.081
IA.2.082
IA.2.998
IA.2.999
Applies to Mobility
X
X
X
X
X
X
SyncDog Compliance
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
Description
Enforce a minimum password complexity and change of characters when new passwords are created.
Prohibit password reuse for a specified number of generations.
Allow temporary password use for system logons with an immediate change to a permanent password.
Store and transmit only cryptographically-protected passwords.
Obscure feedback of authentication information.
Document the CMMC practices to implement the Identification and Authentication policy.
Establish a policy that includes Identification and Authentication.
NIST 800-171 Reference Pointers
3.5.7
3.5.8
3.5.9
3.5.10
3.5.11
Level 3 Identification and Authentication (IA)
Level
3
3
3
3
3
ID
IA.3.083
IA.3.084
IA.3.085
IA.3.086
IA.3.997
Applies to Mobility
X
X
X
X
SyncDog Compliance
SyncDog is fully compliant with Out of the Box functionality
Fully Compliant. SyncDog protects against Man-in-the-Middle attacks and SSL replay attacks
SyncDog is fully compliant with Out of the Box functionality
SyncDog is fully compliant with Out of the Box functionality
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.
Employ replay-resistant authentication mechanisms for network access to privileged and nonprivileged accounts.
Prevent the reuse of identifiers for a defined period.
Disable identifiers after a defined period of inactivity.
Establish, maintain, and resource a plan that includes Identification and Authentication.
NIST 800-171 Reference Pointers
3.5.3
3.5.4
3.5.5
3.5.6
Level 4 Identification and Authentication (IA)
Level
4
ID
IA.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Identification and Authentication activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Identification and Authentication (IA)
Level
5
ID
IA.5.995
Applies to Mobility
X
SyncDog Compliance
A SyncDog on-premise deployment simplifies authentication standardization, because a single, unified solution is deployed to access resources
Description
Standardize and optimize a documented approach for Identification and Authentication across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Incident Response (IR)
Level
2
2
2
2
2
2
2
ID
IR.2.092
IR.2.093
IR.2.094
IR.2.096
IR.2.097
IR.2.998
IR.2.999
Applies to Mobility
X
X
X
SyncDog Compliance
SyncDog offers numerous approaches to detecting,alerting/reporting, and proactively locking or even deleting all sensisitve data if an event is detected
SyncDog's wide array of policy management tools allows automated responses to incidents that can be easily aligned with corporate procdures
SyncDog's extensive auditing and logging functionality can assist with root cause analysis
Description
Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.
Detect and report events.
Analyze and triage events to support event resolution and incident declaration.
Develop and implement responses to declared incidents according to pre-defined procedures.
Perform root cause analysis on incidents to determine underlying causes.
Document the CMMC practices to implement the Incident Response policy.
Establish a policy that includes Incident Response.
NIST 800-171 Reference Pointers
3.6.1
Level 3 Incident Response (IR)
Level
3
3
3
ID
IR.3.098
IR.3.099
IR.3.097
Applies to Mobility
X
X
SyncDog Compliance
SyncDog's solutions can be set up to automatically notify administrators of detected incidents - configurable down to a per-incident basis.
Test incidents can be simulated using test devices/policy configurations
Description
Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization.
Test the organizational incident response capability.
Establish, maintain, and resource a plan that includes Incident Response.
NIST 800-171 Reference Pointers
3.6.2
3.6.3
Level 4 Incident Response (IR)
Level
4
4
4
ID
IR.4.100
IR.4.100
IR.4.996
Applies to Mobility
X
X
SyncDog Compliance
SyncDog employs jailbreak testing and extensive security intrusion testing as part of its build process, using the latest data on attack methods
SyncDog's policy configurations go a step further by allowing for automated responses to detected threats, with alerts to adminsitrators on detected activities
Description
Use knowledge of attacker tactics, techniques, and procedures in incident response planning and execution.
Establish and maintain a security operations center capability that facilitates a 24/7 response capability.
Review and measure Incident Response activities for effectiveness.
NIST 800-171 Reference Pointers
3.6.1e (800-171B)
Level 5 Incident Response (IR)
Level
5
5
5
5
5
ID
IR.5.102
IR.5.106
IR.5.108
IR.5.110
IR.5.995
Applies to Mobility
X
X
SyncDog Compliance
SyncDog's policy configurations go a step further by allowing for automated responses to detected threats, with alerts to adminsitrators on detected activities
Test incidents can be deployed within the SyncDog ecosystem to facilitate incident response
Description
Use a combination of manual and automated, real-time responses to anomalous activities that match incident patterns.
In response to cyber incidents, utilize forensic data gathering across impacted systems, ensuring the secure transfer and protection of forensic data.
Establish and maintain a cyber incident response team that can investigate an issue physically or virtually at any location within 24 hours.
Perform unannounced operational exercises to demonstrate technical and procedural responses.
Standardize and optimize a documented approach for Incident Response across all applicable organizational units.
NIST 800-171 Reference Pointers
3.6.2e (800-171B)
Level 2 Maintenance (MA)
Level
2
2
2
2
2
2
ID
MA.2.111
MA.2.112
MA.2.113
MA.2.114
MA.2.998
MA.2.999
Applies to Mobility
SyncDog Compliance
Description
Perform maintenance on organizational systems.
Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance.
Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.
Supervise the maintenance activities of personnel without required access authorization.
Document the CMMC practices to implement the Maintenance policy.
Establish a policy that includes Maintenance.
NIST 800-171 Reference Pointers
3.7.1
3.7.2
3.7.5
3.7.6
Level 3 Maintenance (MA)
Level
3
3
3
ID
MA.3.115
MA.3.116
MA.3.997
Applies to Mobility
SyncDog Compliance
Description
Ensure equipment removed for off-site maintenance is sanitized of any CUI.
Check media containing diagnostic and test programs for malicious code before the media are used in organizational systems.
Establish, maintain, and resource a plan that includes Maintenance.
NIST 800-171 Reference Pointers
3.7.3
3.7.4
Level 4 Maintenance (MA)
Level
4
ID
MA.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Maintenance activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Maintenance (MA)
Level
5
ID
MA.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Maintenance across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 1 Media Protection (MP)
Level
1
ID
MP.1.118
Applies to Mobility
X
SyncDog Compliance
SyncDog offers numerouse approaches that GUARANTEES data has been reomved from a devive - even when the device is off-line
Description
Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.
NIST 800-171 Reference Pointers
3.8.3
Level 2 Media Protection (MP)
Level
2
2
2
2
2
ID
MP.2.119
MP.2.120
MP.2.121
MP.2.998
MP.2.999
Applies to Mobility
X
X
SyncDog Compliance
SyncDog offers out of the box functionality to accurately identify the end user and to control and administer access rights based on the profile and entitlements of that user
SyncDog provides a sealed container on mobile devices that prevents access to data even when the device is compromised
Description
Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.
Limit access to CUI on system media to authorized users.
Control the use of removable media on system components.
Document the CMMC practices to implement the Media Protection policy.
Establish a policy that includes Media Protection.
NIST 800-171 Reference Pointers
3.8.1
3.8.2
3.8.7
Level 3 Media Protection (MP)
Level
3
3
3
3
3
ID
MP.3.122
MP.3.123
MP.3.124
MP.3.125
MP.3.997
Applies to Mobility
X
X
SyncDog Compliance
SyncDog provides GPS location policies that can control user access to data based on location
SyncDog is a Validated Fips 140-2 Certified solution that encrypts all data while at Rest and in Transit to only allow access and usage by authorized users
Description
Mark media with necessary CUI markings and distribution limitations.
Prohibit the use of portable storage devices when such devices have no identifiable owner.
Control access to media containing CUI and maintain accountability for media during transport outside of controlled areas.
Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards.
Establish, maintain, and resource a plan that includes Media Protection.
NIST 800-171 Reference Pointers
3.8.4
3.8.8
3.8.5
3.8.6
Level 4 Media Protection (MP)
Level
4
ID
MP.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Media Protection activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Media Protection (MP)
Level
5
ID
MP.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Media Protection across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Personnel Security (PS)
Level
2
2
2
2
ID
PS.2.127
PS.2.128
PS.2.998
PS.2.999
Applies to Mobility
X
SyncDog Compliance
SyncDog containers support remote wiping of data and automated deletion of data after a period of time. User access to resources can be strictly controlled by administrators.
Description
Screen individuals prior to authorizing access to organizational systems containing CUI.
Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers.
Document the CMMC practices to implement the Personnel Security policy.
Establish a policy that includes Personnel Security.
NIST 800-171 Reference Pointers
3.9.1
3.9.2
Level 3 Personnel Security (PS)
Level
3
ID
PS.3.997
Applies to Mobility
SyncDog Compliance
Description
Establish, maintain, and resource a plan that includes Personnel Security.
NIST 800-171 Reference Pointers
Level 4 Personnel Security (PS)
Level
4
ID
PS.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Personnel Security activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Personnel Security (PS)
Level
5
ID
PS.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Personnel Security across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 1 Physical Protection (PE)
Level
1
1
1
1
ID
PE.1.131
PE.1.132
PE.1.133
PE.1.134
Applies to Mobility
X
SyncDog Compliance
SyncDog utilizes Mobile Device Management technology to inventory, provision and control access to devices through password policy enforcment, access control, device wipe functionality and more. Additionally, SyncDog offers out of the box functionality to accurately identify the end user and to control and administer system access rights based on the profile and entitlements of that user
Description
Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals.
Escort visitors and monitor visitor activity.
Maintain audit logs of physical access.
Control and manage physical access devices.
NIST 800-171 Reference Pointers
3.10.1
3.10.3
3.10.4
3.10.5
Level 2 Physical Protection (PE)
Level
2
2
2
ID
PE.2.135
PE.2.998
PE.2.999
Applies to Mobility
SyncDog Compliance
Description
Protect and monitor the physical facility and support infrastructure for organizational systems.
Document the CMMC practices to implement the Physical Protection policy.
Establish a policy that includes Physical Protection.
NIST 800-171 Reference Pointers
3.10.2
Level 3 Physical Protection (PE)
Level
3
3
ID
PE.3.136
PE.3.997
Applies to Mobility
SyncDog Compliance
Description
Enforce safeguarding measures for CUI at alternate work sites.
Establish, maintain, and resource a plan that includes Physical Protection.
NIST 800-171 Reference Pointers
3.10.6
Level 4 Physical Protection (PE)
Level
4
ID
PE.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Physical Protection activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Physical Protection (PE)
Level
5
ID
PE.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Physical Protection across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Recovery (RE)
Level
2
2
2
2
ID
RE.2.137
RE.2.138
RE.2.998
RE.2.999
Applies to Mobility
SyncDog Compliance
Description
Regularly perform and test data back-ups.
Protect the confidentiality of backup CUI at storage locations.
Document the CMMC practices to implement the Recovery policy.
Establish a policy that includes Recovery.
NIST 800-171 Reference Pointers
3.8.9
Level 3 Recovery (RE)
Level
3
3
ID
RE.3.139
RE.3.997
Applies to Mobility
SyncDog Compliance
Description
Regularly perform complete, comprehensive, and resilient data back-ups as organizationally defined.
Establish, maintain, and resource a plan that includes Recovery.
NIST 800-171 Reference Pointers
Level 4 Recovery (RE)
Level
4
ID
RE.4.996
Applies to Mobility
SyncDog Compliance
Description
Review and measure Recovery activities for effectiveness.
NIST 800-171 Reference Pointers
Level 5 Recovery (RE)
Level
5
5
ID
RE.5.140
RE.5.995
Applies to Mobility
X
SyncDog Compliance
SyncDog supports a variety of implementations including high-availabilty options that can be deployed to ensure redundancy
Description
Ensure information processing facilities meet organizationally defined information security continuity, redundancy, and availability requirements.
Standardize and optimize a documented approach for Recovery across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Risk Management (RM)
Level
2
2
2
2
2
ID
RM.2.141
RM.2.142
RM.2.143
RM.2.998
RM.2.999
Applies to Mobility
X
X
SyncDog Compliance
SyncDog containers have internal scanning tools that automatically identify threats on the device and support configurable, automated responses to those threats
SyncDog supports configurable responses to identified threats based on risk level
Description
Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and the associated processing, storage, or transmission of CUI.
Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.
Remediate vulnerabilities in accordance with risk assessments.
Document the CMMC practices to implement the Risk Management policy.
Establish a policy that includes Risk Management.
NIST 800-171 Reference Pointers
3.11.1
3.11.2
3.11.3
Level 3 Risk Management (RM)
Level
3
3
3
3
ID
RM.3.144
RM.3.146
RM.3.147
RM.3.997
Applies to Mobility
SyncDog Compliance
Description
Periodically perform risk assessments to identify and prioritize risks according to the defined risk categories, risk sources, and risk measurement criteria.
Develop and implement risk mitigation plans.
Manage non-vendor-supported products (e.g., end of life) separately and restrict as necessary to reduce risk.
Establish, maintain, and resource a plan that includes Risk Management.
NIST 800-171 Reference Pointers
Level 4 Risk Management (RM)
Level
4
4
4
4
4
ID
RM.4.148
RM.4.149
RM.4.150
RM.4.151
RM.4.996
Applies to Mobility
X
X
X
SyncDog Compliance
SyncDog reduces IT supply chain complexity by providing an end-to-end solution for managing servers and devices
SyncDog's threat scanners are consistently updated with latest threat data
SyncDog's on-premise solutions can deploy fully encrypted externally-facing relay servers while keeping internal servers fully inside the client network behind firewall protections
Description
Develop and update as required, a plan for managing supply chain risks associated with the IT supply chain.
Catalog and periodically update threat profiles and adversary TTPs.
Employ threat intelligence to inform the development of the system and security architectures, selection of security solutions, monitoring, threat hunting, and response and recovery activities.
Perform scans for unauthorized ports available across perimeter network boundaries over the organization's Internet network boundaries and other organizationally defined boundaries.
Review and measure Risk Management activities for effectiveness.
NIST 800-171 Reference Pointers
3.11.7e (800-171B)
3.11.1e (800-171B)
Level 5 Risk Management (RM)
Level
5
5
5
ID
RM.5.152
RM.5.155
RM.5.995
Applies to Mobility
SyncDog Compliance
Description
Utilize an exception process for non-whitelisted software that includes mitigation techniques.
Analyze the effectiveness of security solutions at least annually to address anticipated risk to the system and the organization based on current and accumulated threat intelligence.
Standardize and optimize a documented approach for Risk Management across all applicable organizational units.
NIST 800-171 Reference Pointers
3.11.5e (800-171B)
Level 2 Security Assessment (CA)
Level
2
2
2
2
2
ID
CA.2.157
CA.2.158
CA.2.159
CA.2.998
CA.2.999
Applies to Mobility
SyncDog Compliance
Description
Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.
Periodically assess the security controls in organizational systems to determine if the controls are effective in their application.
Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems.
Document the CMMC practices to implement the Security Assessment policy.
Establish a policy that includes Security Assessment.
NIST 800-171 Reference Pointers
3.12.4
3.12.1
3.12.2
Level 3 Security Assessment (CA)
Level
3
3
3
ID
CA.3.161
CA.3.162
CA.3.997
Applies to Mobility
X
X
SyncDog Compliance
SyncDog supports automated monitoring of its server and device solutions
A SyncDog on-premise solution provdes the flexibility to align all systems with internal corporate policies
Description
Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls.
Employ a security assessment of enterprise software that has been developed internally, for internal use, and that has been organizationally defined as an area of risk.
Establish, maintain, and resource a plan that includes Security Assessment.
NIST 800-171 Reference Pointers
3.12.3
Level 4 Security Assessment (CA)
Level
4
4
4
4
ID
CA.4.163
CA.4.164
CA.4.227
CA.4.996
Applies to Mobility
X
SyncDog Compliance
SyncDog conducts regular penetration testing as part of its development process
Description
Create, maintain, and leverage a security strategy and roadmap for organizational cybersecurity improvement.
Conduct penetration testing periodically, leveraging automated scanning tools and ad hoc tests using human experts.
Periodically perform red teaming against organizational assets in order to validate defensive capabilities.
Review and measure Security Assessment activities for effectiveness.
NIST 800-171 Reference Pointers
3.12.1e (800-171B)
Level 5 Security Assessment (CA)
Level
5
ID
CA.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Security Assessment across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 2 Situational Awareness (SA)
Level
2
2
ID
SA.2.998
SA.2.999
Applies to Mobility
SyncDog Compliance
Description
Document the CMMC practices to implement the Situational Awareness policy.
Establish a policy that includes Situational Awareness.
NIST 800-171 Reference Pointers
Level 3 Situational Awareness (SA)
Level
3
3
ID
SA.3.169
SA.3.997
Applies to Mobility
SyncDog Compliance
Description
Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.
Establish, maintain, and resource a plan that includes Situational Awareness.
NIST 800-171 Reference Pointers
Level 4 Situational Awareness (SA)
Level
4
4
ID
SA.4.171
SA.4.173
Applies to Mobility
X
X
SyncDog Compliance
SyncDog's automated detection can help identify threats on devices
SyncDog's network infrastructure has a wide variety of supported configurations for maximum security
Description
Establish and maintain a cyber threat hunting capability to search for indicators of compromise in organizational systems and detect, track, and disrupt threats that evade existing controls.
Design network and system security capabilities to leverage, integrate, and share indicators of compromise.
NIST 800-171 Reference Pointers
3.11.2e (800-171B)
Level 5 Situational Awareness (SA)
Level
5
ID
SA.5.995
Applies to Mobility
SyncDog Compliance
Description
Standardize and optimize a documented approach for Situational Awareness across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 1 System and Communications Protection (SC)
Level
1
1
ID
SC.1.175
SC.1.176
Applies to Mobility
X
X
SyncDog Compliance
SyncDog's Trusted Workspace uses a private, dedicated connection that fully secures access to data by using Validated FiPS 140-2 Certified 256 bit encryption while assigning, incorporating and administering profiles and entitlements that identifies rights and privileges of every user. Our DLP and Data integrity capabilities are the hallmark of our solution.
A SyncDog on-premise rdeployment virtually separates device access to internal resources, from the internal network, by not allowing packets to traverse from outside the network to inside the network. SyncDog's unique transport technology is superior to VPN implementations because external devices are not actually connected to the internal network, but rather segmented trhough a transport server.
Description
Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.
Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.
NIST 800-171 Reference Pointers
3.13.1
3.13.5
Level 2 System and Communications Protection (SC)
Level
2
2
2
2
ID
SC.2.178
SC.2.179
SC.2.998
SC.2.999
Applies to Mobility
X
X
X
SyncDog Compliance
The SyncDog Trusted Workspace enables admistrative control over all devices accessing the workspace and administers control over what apps and data are allowed to be accessed - allowing greater SECURE usage of mobile devices to access CUI and other sensitive information.
Out of the Box Functionality - SyncDog was built from the ground up to ensure all data being accessed, stored and transmitted to and from mobile devices is highly secure. SyncDog uses Validated FIPS 140-2 Certified 256 bit encryption to protect data at Rest, in Use and in Transit.
SyncDog is easily incorporated into corporate wide security policies
Description
Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device.
Use encrypted sessions for the management of network devices.
Document the CMMC practices to implement the System and Communications Protection policy.
Establish a policy that includes System and Communications Protection.
NIST 800-171 Reference Pointers
3.13.12
Level 3 System and Communications Protection (SC)
Level
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
ID
SC.3.177
SC.3.180
SC.3.181
SC.3.182
SC.3.183
SC.3.184
SC.3.185
SC.3.186
SC.3.187
SC.3.188
SC.3.189
SC.3.190
SC.3.191
SC.3.192
SC.3.193
SC.3.997
Applies to Mobility
X
X
X
X
X
X
X
X
X
X
X
X
X
SyncDog Compliance
Out of the Box Functionality - SyncDog was built from the ground up to ensure all data being accessed, stored and transmitted to and from mobile devices is highly secure. SyncDog uses Validated FIPS 140-2 Certified 256 bit encryption to protect data at Rest, in Use and in Transit.
SyncDog's designs and development processes are designed for maximum security implementation.
SyncDog's solution provides user permission segmentation and per-user policy management
SyncDog's Trusted Mobile Workspace creates fully secure access from mobile devices and endpoints by using Validated FiPS 140-2 Certified 256 bit enryption while assigning and incorporating profiles and entitlements to identify rights and priviledges of every mobile user. Our Data Loss Protection (DLP) and Data integrity capabilities are the hallmark of our solution.
SyncDog's on-premise solutions allow all inbound network trafic to be denied at the firewall level while still allowing permitted access to internal resources for devices secured by our container.
SyncDog's Trusted Workspace goes one step further by only allowing a single direction communication to and from our workspace and fully encrypts all data being transmitted through that communication channel. Our DLP and Data integrity capabilities are the hallmark of our solution.
SyncDog's Trusted Workspace secures all data being accessed, transmitted or stored within the solution by using Validated FiPS 140-2 Certified 256 bit encryption to protect access and usage of CUI. Our DLP and Data integrity capabilities are the hallmark of our solution.
Out of the Box Functionality
The SyncDog Trusted workspace provisions using an Elliptic curve Diffie-Hellman key exchange generated with a SHA-256 hashing algorithm. The multi-part crypto key is then spread out over the device so it can not be re-generated
Out of the Box Functionality
SyncDog's Trusted Workspace goes one step further by only allowing a single direct communication from our workspace and fully encrypts all data being transmitted through that communication channel. Our DLP and Data integrity capabilities are the hallmark of our solution.
Out of the Box Functionality - SyncDog was built from the ground up to ensure all data being accessed, stored and transmitted to and from mobile devices is highly secure. SyncDog uses Validated FIPS 140-2 Certified 256 bit encryption to protect data at Rest, in Use and in Transit.
SyncDog containers disallow copy and paste functions for data inside the container and do not support sharing function on devices.
Description
Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.
Employ architectural designs, software development techniques, and systems engineering principles that promote effective information security within organizational systems.
Separate user functionality from system management functionality.
Prevent unauthorized and unintended information transfer via shared system resources.
Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling).
Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.
Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity.
Establish and manage cryptographic keys for cryptography employed in organizational systems.
Control and monitor the use of mobile code.
Control and monitor the use of Voice over Internet Protocol (VoIP) technologies.
Protect the authenticity of communications sessions.
Protect the confidentiality of CUI at rest.
Implement Domain Name System (DNS) filtering services.
Implement a policy restricting the publication of CUI on externally owned, publicly accessible websites (e.g., forums, LinkedIn, Facebook, Twitter).
Establish, maintain, and resource a plan that includes System and Communications Protection.
NIST 800-171 Reference Pointers
3.13.11
3.13.2
3.13.3
3.13.4
3.13.6
3.13.7
3.13.8
3.13.9
3.13.10
3.13.13
3.13.14
3.13.15
3.13.16
Level 4 System and Communications Protection (SC)
Level
4
4
4
4
4
4
ID
SC.4.197
SC.4.199
SC.4.202
SC.4.228
SC.4.229
SC.4.996
Applies to Mobility
X
X
SyncDog Compliance
SyncDog goes a step further by blocking all un-authorized API and scripts calls to the environment. When SyncDog's Trusted Mobile Workspace is used to containerize all CUI and other sensitive or work related data, continued analysis of boundary intrusion is alleviated
A SyncDog on-premise deployment allows users on mobile devices to inherit firewall restrictions and URL blacklists set on the corporate firewall
Description
Employ physical and logical isolation techniques in the system and security architecture and/or where deemed appropriate by the organization.
Utilize threat intelligence to proactively block DNS requests from reaching malicious domains.
Employ mechanisms to analyze executable code and scripts (e.g., sandbox) traversing Internet network boundaries or other organizationally defined boundaries.
Isolate administration of organizationally defined high-value critical network infrastructure components and servers.
Utilize a URL categorization service and implement techniques to enforce URL filtering of websites that are not approved by the organization.
Review and measure System and Communications Protection activities for effectiveness.
NIST 800-171 Reference Pointers
3.13.4e (800-171B)
3.13.2
Level 5 System and Communications Protection (SC)
Level
5
5
5
5
ID
SC.5.198
SC.5.208
SC.5.230
SC.5.995
Applies to Mobility
X
SyncDog Compliance
SyncDog policies can be configured side-by-side with other corporate systems to support organizationally defined boundaries
Description
Configure monitoring systems to record packets passing through the organization's Internet network boundaries and other organizationally defined boundaries.
Employ organizationally defined and tailored boundary protections in addition to commercially available solutions.
Enforce port and protocol compliance.
Standardize and optimize a documented approach for System and Communications Protection across all applicable organizational units.
NIST 800-171 Reference Pointers
Level 1 System and Information Integrity (SI)
Level
1
1
1
1
ID
SI.1.210
SI.1.211
SI.1.212
SI.1.213
Applies to Mobility
X
X
X
SyncDog Compliance
The SyncDog Trusted Workspace completely isolates CUI/Government and corporate data from the device and operating system, creating an impenetrable shell that malicious code and other corruptive techniques are not able to access. So even if the device becomes corrupted or malicious code is accessed, CUI data and all other data in the workspace is still in tact and protected. Our DLP and Data integrity capabilities are the hallmark of our solution
The SyncDog Trusted Workspace incorporates Anti Virus and Mobile Threat Detection capapbilities as added security measures. So even if corrupt data or files are accessed within the workspace or if the device or operating system is corrupted, all data and files within the workspace will remain in tact and protected. Our DLP and Data integrity capabilities are the hallmark of our solution
Supported. SyncDog incorporates Mobile Threat Defense technology to continuously scan for malicious activiy. Better still, these security mechanisms are only secondary to the isolation and encryption techniques utilized that protects the itegrity of CUI and all other data even in the presence of malicious code and other threats
Description
Identify, report, and correct information and information system flaws in a timely manner.
Provide protection from malicious code at appropriate locations within organizational information systems.
Update malicious code protection mechanisms when new releases are available.
Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
NIST 800-171 Reference Pointers
3.14.1
3.14.2
3.14.4
3.14.5
Level 2 System and Information Integrity (SI)
Level
2
2
2
2
2
ID
SI.2.214
SI.2.216
SI.2.217
SI.2.998
SI.2.999
Applies to Mobility
X
X
X
X
SyncDog Compliance
The SyncDog Trusted Workspace incorporates Anti Virus and Mobile Threat Detection capapbilities as added security measures. Furthermore, even if corrupt data or files are accessed within the workspace or if the device or operating system is corrupted, all data and files within the workspace will remain in tact and protected. Our DLP and Data integrity capabilities are the hallmark of our solution
The SyncDog Trusted Workspace completely isolates CUI/Government and corporate data from the device and operating system, creating an impenetrable shell that maicious code and other corruptive techniques are not able to access. So even if the device becomes corrupted or malicious code is accessed, CUI data and all other data in the workspace is still in tact and protected. Our DLP and Data integrity capabilities are the hallmark of our solution
SyncDog uses profiles and entitlements to identify and administer the rights and priviledges of every user, and to track and audit all access and usage of data and files and to the solution itself. Our DLP and Data integrity capabilities are the hallmark of our solution.
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Monitor system security alerts and advisories and take action in response.
Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.
Identify unauthorized use of organizational systems.
Document the CMMC practices to implement the System and Information Integrity policy.
Establish a policy that includes System and Information Integrity.
NIST 800-171 Reference Pointers
3.14.3
3.14.6
3.14.7
Level 3 System and Information Integrity (SI)
Level
3
3
3
3
ID
SI.3.218
SI.3.219
SI.3.220
SI.3.997
Applies to Mobility
X
SyncDog Compliance
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Employ spam protection mechanisms at information system access entry and exit points.
Implement email forgery protections.
Utilize sandboxing to detect or block potentially malicious email.
Establish, maintain, and resource a plan that includes System and Information Integrity.
NIST 800-171 Reference Pointers
Level 4 System and Information Integrity (SI)
Level
4
4
ID
SI.4.221
SI.4.996
Applies to Mobility
X
SyncDog Compliance
Supported. SyncDog incorporated Mobile Threat Defense technology to continuously scan for malicious activiy. Better still, these security mechanisms are only secondary to the isolation and encryption techniques utilized to protects the itegrity of CUI and all other data even in the presence of malicious code and other threats
Description
Use threat indicator information relevant to the information and systems being protected and effective mitigations obtained from external organizations to inform intrusion detection and threat hunting.
Review and measure System and Information Integrity activities for effectiveness.
NIST 800-171 Reference Pointers
3.14.6e (800-171B)
Level 5 System and Information Integrity (SI)
Level
5
5
5
ID
SI.5.222
SI.5.223
SI.5.995
Applies to Mobility
X
X
X
SyncDog Compliance
SyncDog goes a step further by blocking all un-authorized API and scripts calls to the environment. When SyncDog's Trusted Mobile Workspace is used to containerize all CUI and other sensitive or work related data, continued analysis of boundary intrusion is alleviated
The SyncDog Trusted Workspace completely isolates CUI/Government and corporate data from the device and operating system, creating a impenetrable shell that maicious code and other corruptive techniques are not able to access. So even if the device becomes corrupted or malicious code is accessed, CUI data and all other data in the workspace is still in tact and protected. Our DLP and Data integrity capabilities are the hallmark of our solution
SyncDog is easily incorporated in these corporate policies, practices and procedures
Description
Analyze system behavior to detect and mitigate execution of normal system commands and scripts that indicate malicious actions.
Monitor individuals and system components on an ongoing basis for anomalous or suspicious behavior.
Standardize and optimize a documented approach for System and Information Integrity across all applicable organizational units.
NIST 800-171 Reference Pointers
3.14.2e (800-171B)
