A Practical CMMC Purview DLP Policy for CUI in Microsoft 365
A DLP policy is like a gate, not the whole fence. When I build CMMC Purview DLP controls for Controlled Unclassified Information in Microsoft 365, I treat them as one…
CMMC USB Controls With Intune And Defender For Endpoint
USB drives are tiny, cheap, and easy to ignore. They’re also one of the fastest ways to move Controlled Unclassified Information off a managed endpoint. When I build CMMC USB…
CMMC Level 2 SPRS Score Guide For Microsoft 365 Shops
If you run Microsoft 365 for a small or mid-size defense contractor, your CMMC SPRS score can feel like a math test you never studied for. The good news is…
CMMC Level 2 Windows LAPS Setup Guide for Small Contractors
Shared local admin passwords are a gift to attackers. For small contractors working toward CMMC Level 2, they also create a clear gap in least privilege and audit trails. In…
CMMC Level 2 Media Protection Plan For USB And Printing
A USB drive and a printer can undo months of security work in one afternoon. One file copy to the wrong thumb drive, or one “I’ll grab it later” printout,…
CMMC Level 2 Intune Baseline for Windows 11 Hardening (Intune-First)
If you handle CUI on Windows 11 endpoints, you already know the hard part is consistency. One laptop that drifts from standard can undo months of good work. That’s why…
CMMC Level 2 LAPS Setup Using Intune And Entra ID
What happens when one shared local admin password lives on every Windows device? One stolen credential can act like a master key. That’s why I treat CMMC Level 2 LAPS…
CMMC Level 2 CUI Data Flow Diagram Template for Microsoft 365
If a CUI flow diagram feels fuzzy, the whole compliance story feels fuzzy. In Microsoft 365, I want a diagram that shows where Controlled Unclassified Information enters, where it moves,…
CMMC Level 2 Password and Lockout Policy in Microsoft 365, exact settings, common fails, and evidence screenshots
Passwords are still the front door key for most Microsoft 365 tenants. In a CMMC Level 2 assessment, that key has to be strong, monitored, and backed by proof. I…
CMMC Level 2 Remote Access Controls Using Entra ID and VPN: A Practical Guide
Remote access is where good security programs get messy. One “temporary” exception turns into a permanent hole, then an assessor asks you to prove you monitor and control every session.…