Control 3.1.16
Authorize Wireless Access
Official Requirement
Authorize wireless access prior to allowing such connections.
What This Means in Plain English
Before any device can connect to your wireless network, it must be specifically authorized. This means having formal approval processes for wireless access and technical controls preventing unauthorized wireless connections.
How Petronella Implements This Control
Petronella Technology Group implements this control through:
- Cisco Meraki wireless access points with 802.1X authentication requiring certificate or credential validation
- Separate SSIDs for corporate (authenticated) and guest (isolated) wireless networks
- Microsoft Entra device compliance required before wireless network access is granted
- Wireless access request and approval workflow documented in ComplianceArmor
- Regular wireless site surveys to detect and eliminate rogue access points
Assessment Guidance
Assessors will verify that wireless access requires authentication, test that unauthorized devices cannot join the corporate wireless network, review wireless access authorization procedures, and confirm guest wireless is isolated from the corporate network.
Common Implementation Gaps
- Open wireless networks with no authentication
- Pre-shared keys used for corporate wireless instead of 802.1X
- No separate guest wireless network
- Guest network not isolated from corporate resources
- No process for authorizing wireless access
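The gaps listed above can be checked mechanically against an SSID inventory. The following is an added example, not Petronella's tooling or any vendor's export format: the field names (`role`, `auth`, `approval_ref`, `rules`), the sample SSIDs and the subnets are constructed, and an implicit deny is assumed when no guest firewall rule matches.

```python
import ipaddress

# Constructed sample data; field names are hypothetical, not a vendor export format.
CORPORATE_NETS = ["10.10.0.0/16", "10.20.0.0/16"]
SAMPLE_SSIDS = [
    {"name": "Corp-Secure", "role": "corporate", "auth": "802.1x",
     "approval_ref": "REQ-EXAMPLE-1", "rules": []},
    {"name": "Corp-Legacy", "role": "corporate", "auth": "psk",
     "approval_ref": None, "rules": []},
    {"name": "Lobby", "role": "guest", "auth": "open",
     "approval_ref": "REQ-EXAMPLE-2",
     "rules": [("deny", "10.10.0.0/16"), ("allow", "0.0.0.0/0")]},
]

def guest_reaches(rules, corp_net):
    """First-match rule walk. Conservative: only a deny that covers the
    whole corporate subnet counts as isolation."""
    for action, cidr in rules:
        net = ipaddress.ip_network(cidr)
        if action == "deny" and corp_net.subnet_of(net):
            return False
        if action == "allow" and net.overlaps(corp_net):
            return True
    return False  # assumption: implicit deny when nothing matches

def audit(ssids, corporate_nets):
    """Return (ssid, finding) tuples for the implementation gaps listed above."""
    corp = [ipaddress.ip_network(n) for n in corporate_nets]
    findings = []
    for s in ssids:
        if s["auth"] == "open":
            findings.append((s["name"], "open-no-authentication"))
        if s["role"] == "corporate" and s["auth"] == "psk":
            findings.append((s["name"], "psk-instead-of-802.1x"))
        if not s.get("approval_ref"):
            findings.append((s["name"], "no-authorization-record"))
        if s["role"] == "guest":
            for net in corp:
                if guest_reaches(s.get("rules", []), net):
                    findings.append((s["name"], f"guest-reaches-{net}"))
    if not any(s["role"] == "guest" for s in ssids):
        findings.append(("*", "no-separate-guest-ssid"))
    return findings

if __name__ == "__main__":
    for ssid, finding in audit(SAMPLE_SSIDS, CORPORATE_NETS):
        print(f"{ssid}: {finding}")
```

In the sample, the guest SSID blocks one corporate subnet but still reaches the second through its catch-all allow rule, which is the partial-isolation case an assessor's connectivity test would expose.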
Cross-Framework Mapping
| Framework | Mapped Controls |
|---|---|
| NIST SP 800-53 | AC-18 |
| PCI DSS | Req 1.2.3 - Install personal firewall software on wireless devices |