Control 3.13.13
Control and Monitor Use of Mobile Code
Official Requirement
Control and monitor the use of mobile code.
What This Means in Plain English
Mobile code (JavaScript, ActiveX, Java applets, macros) that runs on your systems from external sources must be controlled. You need policies and technical controls to prevent malicious mobile code from executing.
How Petronella Implements This Control
Petronella Technology Group implements this control through:
- Microsoft Office macro execution restricted to digitally signed macros via Group Policy
- Browser security settings blocking ActiveX and untrusted Java applets
- Sophos XDR web filtering controlling access to sites with malicious scripts
- Email attachment filtering blocking macro-enabled documents from external sources
- ComplianceArmor mobile code policy defining approved and blocked mobile code types
Assessment Guidance
Assessors will verify that macro restrictions are enforced, test browser security settings for mobile code, check that email filters block dangerous attachments, and review the mobile code policy for completeness.
Common Implementation Gaps
- Office macros enabled for all documents without restriction
- No browser controls for ActiveX or Java
- Email allowing macro-enabled attachments from external senders
- No mobile code policy
- PowerShell scripts executing without restriction
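The macro and PowerShell gaps listed above can be spot-checked on a Windows endpoint with a short script. This is an added example, not Petronella's tooling or part of the original page. It assumes Office policy keys under version 16.0, that Word, Excel and PowerPoint are the apps in scope, and that it runs in the assessed user's session.

```powershell
# Added audit sketch, not the vendor's tooling. Run as the user being assessed:
# Office macro policy is per-user (HKCU). Paste into an interactive console so
# a -ExecutionPolicy Bypass launcher does not mask the real PowerShell setting.
$officeVersion = '16.0'                      # assumption: Office 2016 or later
$apps = 'Word', 'Excel', 'PowerPoint'        # assumption: apps in scope

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Emits nothing ($null) when the key or value is absent, i.e. not configured.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$findings = foreach ($app in $apps) {
    $key = "HKCU:\Software\Policies\Microsoft\Office\$officeVersion\$app\Security"
    $vba = Get-PolicyValue -Path $key -Name 'VBAWarnings'
    $net = Get-PolicyValue -Path $key -Name 'blockcontentexecutionfrominternet'

    # VBAWarnings: 1 = enable all, 2 = prompt, 3 = signed macros only, 4 = disable all
    [pscustomobject]@{
        Check    = "$app macro policy (VBAWarnings)"
        Observed = if ($null -eq $vba) { 'not configured' } else { $vba }
        Pass     = @(3, 4) -contains $vba
    }
    # 1 = macros blocked in files that carry the Internet zone mark
    [pscustomobject]@{
        Check    = "$app blocks macros from the Internet"
        Observed = if ($null -eq $net) { 'not configured' } else { $net }
        Pass     = $net -eq 1
    }
}

# Effective policy across all scopes, plus whether Group Policy is what sets it.
$effective = [string](Get-ExecutionPolicy)
$gpoScopes = Get-ExecutionPolicy -List | Where-Object {
    @('MachinePolicy', 'UserPolicy') -contains [string]$_.Scope -and
    [string]$_.ExecutionPolicy -ne 'Undefined'
}
$findings += [pscustomobject]@{
    Check    = 'PowerShell execution policy'
    Observed = "$effective (set by Group Policy: $([bool]$gpoScopes))"
    Pass     = @('Unrestricted', 'Bypass') -notcontains $effective
}

$findings | Format-Table -AutoSize
```

A "not configured" result means no Group Policy value is present for that user, so the application falls back to whatever the user has set locally.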
Cross-Framework Mapping
| Framework | Mapped Controls |
|---|---|
| NIST SP 800-53 | SC-18 |