NIST SP 800-171
Control 3.10.6
Enforce Safeguarding Measures at Alternate Work Sites
CMMC-RP Certified Team
24+ Years Experience
2,500+ Clients Served
Official Requirement
Enforce safeguarding measures for CUI at alternate work sites (e.g., telework sites).
What This Means in Plain English
Employees working from home or other remote locations must protect CUI with the same rigor as in the office. This means secure workspace, locked screens, encrypted devices, and controlled document handling.
How Petronella Implements This Control
Petronella Technology Group implements this control through:
- Telework security policy defining safeguarding requirements for remote work environments
- Encrypted laptops with VPN required for all remote CUI access
- Privacy screens required on devices used for CUI in shared spaces
- Clean desk policy for remote workers handling paper CUI
- Annual telework security agreement signed by all remote workers via ComplianceArmor
Assessment Guidance
Assessors will review the telework security policy, verify that remote workers have signed security agreements, check that remote devices meet security requirements (encryption, VPN), and confirm that remote work safeguards are defined and enforceable.
Common Implementation Gaps
- No telework security policy
- Remote workers accessing CUI without VPN or encryption
- No security agreement for remote workers
- CUI documents printed at home without secure disposal
- Shared home computers used for CUI access
Cross-Framework Mapping
| Framework | Mapped Controls |
|---|---|
| NIST SP 800-53 | PE-17 |
Need Help Implementing 3.10.6?
Our CMMC-RP certified team can assess your current compliance posture and build a remediation plan.
Schedule a Compliance Assessment