CMMC Level 2

Control 3.1.12

Monitor and Control Remote Access

CMMC-RP Certified Team | 24+ Years Experience | 2,500+ Clients Served

Official Requirement

Monitor and control remote access sessions.

What This Means in Plain English

Any time someone connects to your systems remotely (VPN, remote desktop, cloud access), that connection must be monitored, logged, and controlled. You need visibility into who is connecting remotely and what they are doing.

How Petronella Implements This Control

Petronella Technology Group implements this control through:

  • FortiGate VPN with full session logging including user identity, source IP, and duration
  • Arctic Wolf SIEM aggregating and correlating all remote access logs in real time
  • Microsoft Entra Conditional Access policies enforcing device compliance and MFA for remote sessions
  • CrowdStrike Falcon monitoring remote session activities for anomalous behavior
  • ComplianceArmor documenting approved remote access methods and authorized users
  • Cisco Meraki network monitoring tracking all remote connections to the infrastructure

Assessment Guidance

Assessors will review remote access logs for completeness, verify that all remote access methods are documented and authorized, test that unauthorized remote access methods are blocked, and confirm that real-time monitoring and alerting are in place.

Common Implementation Gaps

  • Remote access sessions not logged or monitored
  • Unauthorized remote access tools (TeamViewer, AnyDesk) in use
  • No centralized visibility into all remote connections
  • VPN split-tunnel configuration allowing unmonitored traffic
  • Remote access policy not documented or enforced
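
A self-check for the assessment points and gaps above, as an added example that is not Petronella's tooling or any vendor's log format: it audits remote access session records for completeness (user identity, source IP, duration) and flags methods or users that are not on the documented lists. The field names, the approved lists, and the sample sessions are constructed assumptions.

```python
import ipaddress

# Constructed sample data; field names and the approved lists are assumptions.
APPROVED_METHODS = {"vpn", "rdp-gateway"}
AUTHORIZED_USERS = {"alice", "bob"}
REQUIRED_FIELDS = ("user", "source_ip", "method", "duration_s")

SAMPLE_SESSIONS = [
    {"user": "alice", "source_ip": "203.0.113.10", "method": "vpn", "duration_s": 3600},
    {"user": "carol", "source_ip": "198.51.100.7", "method": "vpn", "duration_s": 120},
    {"user": "bob", "source_ip": "192.0.2.44", "method": "anydesk", "duration_s": 900},
    {"user": "bob", "source_ip": "", "method": "vpn", "duration_s": None},
    {"user": "alice", "source_ip": "not-an-ip", "method": "rdp-gateway", "duration_s": 45},
]


def audit_session(record):
    """Return a list of findings for one remote access session record."""
    findings = []
    # Completeness: every field an assessor expects must be present and non-empty.
    for field in REQUIRED_FIELDS:
        if record.get(field) in (None, ""):
            findings.append(f"incomplete log: missing {field}")
    ip = record.get("source_ip")
    if ip:
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            findings.append("incomplete log: source_ip is not a valid address")
    # Authorization: method and user must appear on the documented lists.
    method = record.get("method")
    if method and method.lower() not in APPROVED_METHODS:
        findings.append(f"unapproved remote access method: {method}")
    user = record.get("user")
    if user and user.lower() not in AUTHORIZED_USERS:
        findings.append(f"user not on authorized remote access list: {user}")
    return findings


def audit(sessions):
    """Map session index -> findings, omitting sessions with no findings."""
    report = {i: audit_session(rec) for i, rec in enumerate(sessions)}
    return {i: f for i, f in report.items() if f}


if __name__ == "__main__":
    for idx, findings in audit(SAMPLE_SESSIONS).items():
        for finding in findings:
            print(f"session {idx}: {finding}")
```
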

Cross-Framework Mapping

Framework         Mapped Controls
NIST SP 800-53    AC-17(1)
HIPAA             164.312(e)(1) - Transmission Security
PCI DSS           Req 8.1.5 - Manage IDs used by third parties for remote access
