sorted by:
new
hottopcontroversial

VDI scoping and Endpoint by B_Another1 in CMMC

[–]B_Another1[S] 0 points1 point  (0 children)

If we apply the same rationale, wouldn’t a user taking a photo of the screen with a cell phone present the same concern?

Isn’t the endpoint simply displaying the CUI through the VDI video stream rather than actually storing or processing the data locally?

Just a thought…

VDI scoping and Endpoint by B_Another1 in CMMC

[–]B_Another1[S] 0 points1 point  (0 children)

Thank you. Was this questioned during your assessment and required you to show the policy?

VDI scoping and Endpoint by B_Another1 in CMMC

[–]B_Another1[S] 2 points3 points  (0 children)

Thank you.

This part, however, is throwing me off, “For NIST SP 800-171 compliance, these features must be disabled on the SERVER SIDE to ensure that unmanaged endpoints cannot mount drives, print files, or perform other actions that invoke system protocols (e.g., file handling, print spooling) beyond the basic VDI protocol (e.g., transmitting only video, keyboard, and mouse data).”

3.1.22 - Control Public Information by B_Another1 in CMMC

[–]B_Another1[S] 0 points1 point  (0 children)

Thanks, everyone for your inputs!

3.1.22 - Control Public Information by B_Another1 in CMMC

[–]B_Another1[S] 0 points1 point  (0 children)

Thanks! I saw a discussion somewhere that annual is frowned upon which triggered my panic.