NIST SP 800-171
Control 3.13.4
Prevent Unauthorized Information Transfer
CMMC-RP Certified Team
24+ Years Experience
CMMC-AB RPO #1449
Official Requirement
Prevent unauthorized and unintended information transfer via shared system resources.
What This Means in Plain English
Systems must prevent information from leaking between users or processes through shared resources like memory, storage, or processing. This is especially important in virtualized and cloud environments where resources are shared.
How Petronella Implements This Control
Petronella Technology Group implements this control through:
- Hypervisor security controls ensuring virtual machine isolation on shared infrastructure
- Memory protections and process isolation enforced by operating system security features
- No shared file storage between different security domains without explicit access controls
- DLP policies preventing data transfer between CUI and non-CUI environments
- Secure configuration of shared services (print servers, file shares) to prevent data leakage
Assessment Guidance
Assessors will review shared resource configurations, verify that virtualization provides adequate isolation, test that data cannot leak between security domains via shared resources, and check that DLP controls are effective.
Common Implementation Gaps
- Virtual machines with CUI and non-CUI on the same host without isolation
- Shared file storage accessible across security domains
- No DLP on shared resources
- Shared printers accessible from both CUI and non-CUI networks
- Clipboard sharing enabled between VMs of different security levels
Cross-Framework Mapping
| Framework | Mapped Controls |
|---|---|
| NIST SP 800-53 | SC-4 |
Need Help Implementing 3.13.4?
Our CMMC-RP certified team can assess your current compliance posture and build a remediation plan.
Schedule a Compliance Assessment Calculate your SPRS score