CMMC Level 2
Control 3.13.12
Prohibit Remote Activation of Collaborative Computing Devices
CMMC-RP Certified Team
24+ Years Experience
2,500+ Clients Served
Official Requirement
Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device.
What This Means in Plain English
Webcams, microphones, and smart conference room devices should not be remotely activated without the knowledge of people in the room. There should be a clear indicator (like a light) when these devices are active.
How Petronella Implements This Control
Petronella Technology Group implements this control through:
- Group Policy disabling remote activation of webcams and microphones
- Physical privacy covers on all laptop webcams provided to employees
- Conference room systems requiring local activation with LED indicators showing active status
- Sophos XDR monitoring for unauthorized activation of audio/video devices
- ComplianceArmor policy requiring physical indicators on all collaborative computing devices
Assessment Guidance
Assessors will verify that remote activation of collaborative devices is disabled, check for physical indicators on active devices, test that webcams and microphones cannot be activated remotely, and review GPO settings for device control.
Common Implementation Gaps
- Webcams and microphones remotely activatable without user knowledge
- No physical indicators (LED lights) on active devices
- No policy addressing collaborative computing device security
- Smart conference room devices with remote access enabled by default
- No physical privacy covers for cameras
Cross-Framework Mapping
| Framework | Mapped Controls |
|---|---|
| NIST SP 800-53 | SC-15 |
Need Help Implementing 3.13.12?
Our CMMC-RP certified team can assess your current compliance posture and build a remediation plan.
Schedule a Compliance Assessment