CMMC Level 2 Guest Access Policy for Teams and SharePoint
One guest account can break a clean compliance boundary. When I write a CMMC guest access policy, I start with a blunt rule: if a Team or SharePoint site may…
CMMC Audit Log Retention Setup in Microsoft 365
The worst time to think about retention is when an assessor asks for six-month-old evidence and my log search comes back empty. In Microsoft 365, CMMC audit log retention is…
CMMC Level 2 Service Account Policy for Small Contractors
The quietest account in your network can create the loudest audit finding. When I review small DIB environments, service accounts are often old, shared, or far too powerful. That matters…
CMMC BYOD Intune: App Protection Policies for Level 2
Personal phones can open a door to CUI fast. They can also open the wrong door if I let work data spill outside managed apps. When I build a CMMC…
CMMC Intune Compliance for iPhone and Android in 2026
A phone that touches CUI stops being “just a phone.” It becomes an endpoint, an access path, and an audit item. When I build CMMC Intune compliance for defense contractors,…
CMMC Level 2 Attack Surface Reduction Rules in Defender
Defender attack surface reduction is one of the fastest ways I reduce attacker options on Windows endpoints. For defense contractors working toward CMMC Level 2, that matters because phishing, macros,…
CMMC Level 2 BYOD Policy for Microsoft 365 That Holds Up
Personal devices can speed work, but they can also punch holes in a CUI boundary. For CMMC Level 2 BYOD in Microsoft 365, my rule is simple: if a personal…
CMMC Level 2 Microsoft Sentinel Setup for Small Contractors
If I’m building a Microsoft Sentinel CMMC monitoring plan for a small federal contractor, I start with one hard truth: Sentinel can support a CMMC Level 2 program, but it…
CMMC Level 2 Microsoft Purview DLP Setup Guide for CUI
Protecting Microsoft Purview DLP for CMMC Level 2 sounds easy until the first policy floods the help desk with noise. I treat DLP like a gate guard. It won’t make…
A Practical CMMC Purview DLP Policy for CUI in Microsoft 365
A DLP policy is like a gate, not the whole fence. When I build CMMC Purview DLP controls for Controlled Unclassified Information in Microsoft 365, I treat them as one…