CMMC USB Controls With Intune And Defender For Endpoint
USB drives are tiny, cheap, and easy to ignore. They’re also one of the fastest ways to move Controlled Unclassified Information off a managed endpoint. When I build CMMC USB…
CMMC Level 2 SPRS Score Guide For Microsoft 365 Shops
If you run Microsoft 365 for a small or mid-size defense contractor, your CMMC SPRS score can feel like a math test you never studied for. The good news is…
CMMC Level 2 Windows LAPS Setup Guide for Small Contractors
Shared local admin passwords are a gift to attackers. For small contractors working toward CMMC Level 2, they also create a clear gap in least privilege and audit trails. In…
CMMC Level 2 Media Protection Plan For USB And Printing
A USB drive and a printer can undo months of security work in one afternoon. One file copy to the wrong thumb drive, or one “I’ll grab it later” printout,…
CMMC Level 2 Intune Baseline for Windows 11 Hardening (Intune-First)
If you handle CUI on Windows 11 endpoints, you already know the hard part is consistency. One laptop that drifts from standard can undo months of good work. That’s why…
CMMC Level 2 LAPS Setup Using Intune And Entra ID
What happens when one shared local admin password lives on every Windows device? One stolen credential can act like a master key. That’s why I treat CMMC Level 2 LAPS…
CMMC Level 2 CUI Data Flow Diagram Template for Microsoft 365
If a CUI flow diagram feels fuzzy, the whole compliance story feels fuzzy. In Microsoft 365, I want a diagram that shows where Controlled Unclassified Information enters, where it moves,…
CMMC Level 2 Password and Lockout Policy in Microsoft 365, exact settings, common fails, and evidence screenshots
Passwords are still the front door key for most Microsoft 365 tenants. In a CMMC Level 2 assessment, that key has to be strong, monitored, and backed by proof. I…
CMMC Level 2 Remote Access Controls Using Entra ID and VPN: A Practical Guide
Remote access is where good security programs get messy. One “temporary” exception turns into a permanent hole, then an assessor asks you to prove you monitor and control every session.…
CMMC Level 2 Policy Pack for Small Contractors (14 policies, plain-language templates that match NIST 800-171)
If you’re a small contractor, you don’t lose bids because you can’t do the work. You lose them because you can’t prove you protect CUI. That’s why CMMC Level 2…