CMMC Level 1 & 2 Compliance Guide: Endpoint Security & Access Control
What Is CMMC, and Who Needs It?
Definition
The Cybersecurity Maturity Model Certification (CMMC) is the DoD’s cybersecurity standard designed to ensure that contractors safeguard sensitive government data.
Why It Matters
CMMC protects two categories of sensitive information:
- Federal Contract Information (FCI): Basic contract data not meant for public release
- Controlled Unclassified Information (CUI): Sensitive information that requires stricter protection
Who Must Comply?
| Role | Requirement Level | Data Handled |
| --- | --- | --- |
| DoD contractors handling FCI | CMMC Level 1 | Federal Contract Information |
| DoD contractors handling CUI | CMMC Level 2 | Controlled Unclassified Information |
Level 1 focuses on foundational safeguards, while Level 2 aligns with the NIST 800-171 standard and requires advanced monitoring, access control enforcement, and evidence-ready auditing.
How to Meet CMMC Level 1 & Level 2 Requirements
CMMC Level 1
Focus: Protecting FCI
Controls Require:
- Basic access control
- Device restrictions
- Minimal logging and evidence retention
This level ensures only authorized users and devices can access FCI.
CMMC Level 2 (Advanced Safeguards – NIST 800-171 Alignment)
Focus: Protecting CUI with robust security
Controls Require:
- Comprehensive auditing
- Endpoint and device monitoring
- File transfer visibility
- Advanced access control
- Evidence retention for assessments
Level 2 typically applies to prime contractors and higher-risk subcontractors handling sensitive CUI.
Key CMMC Controls That Impact Endpoints
1) Access Control (AC)
Definition: Limit who can access systems and define what actions they can perform.
Risks: Unauthorized access, insider misuse, data exfiltration.
Required Actions
- Enforce least privilege
- Limit external system connections
- Restrict mobile and removable devices
- Control uploads and data movement
CurrentWare Mapping for Access Control
| Control | Requirement | CurrentWare Solution |
| --- | --- | --- |
| AC.L2-3.1.2 | Limit functions per user | BrowseControl blocks sites, apps, ports |
| AC.L2-3.1.5 | Enforce least privilege | AccessPatrol sets per-user USB/device permissions |
| AC.L2-3.1.18 | Control mobile devices | Block USB phones & Bluetooth devices |
| AC.L2-3.1.20 | Limit external systems | Create device/site allowlists |
| AC.L2-3.1.22 | Control uploads | Block risky storage & cloud apps |
2) Media Protection (MP)
Definition: Control removable media use (USBs, external drives).
Risks: CUI leakage, unauthorized file transfers, untracked device use.
Required Actions
- Whitelist authorized USB devices
- Track file transfers
- Maintain device accountability logs
CurrentWare Mapping for Media Protection
| Control | Requirement | CurrentWare Solution |
| --- | --- | --- |
| MP.L2-3.8.3 | Media disposal & traceability | USB usage logs for investigators |
| MP.L2-3.8.5 | Media accountability | Track files copied to USB |
| MP.L2-3.8.7 | Prevent unauthorized media | Device control + hardware allowlisting |
3) Audit & Accountability (AU)
Definition: Generate and retain logs that provide visibility into user actions.
Risks: No evidence during audits, inability to investigate incidents, compliance failure.
Required Actions
- Create audit logs
- Retain logs for investigations
- Tie actions to specific users
CurrentWare Mapping for Auditing
| Control | Requirement | CurrentWare Solution |
| --- | --- | --- |
| AU.L2-3.3.1 | Create / retain logs | BrowseReporter + AccessPatrol logs |
| AU.L2-3.3.2 | User-level accountability | Unique user activity tracking & reporting |
4) Configuration Management (CM)
Definition: Limit systems to essential applications, ports, and services.
Risks: Attack surface expansion, malware, shadow IT.
Required Actions
- Disable unnecessary applications
- Block unused ports/services
CurrentWare Mapping for CM
| Control | Requirement | CurrentWare Solution |
| --- | --- | --- |
| CM.L2-3.4.6 | Enforce least functionality | Block apps, sites & categories |
| CM.L2-3.4.7 | Disable nonessential services | Block TCP/UDP ports via BrowseControl |
5) System Integrity (SI)
Definition: Detect and prevent unauthorized usage or security violations.
Risks: Insider threats, policy violations, unauthorized tool use.
Required Actions
- Monitor user activity
- Flag anomalies
- Provide evidence during assessments
CurrentWare Mapping for System Integrity
| Control | Requirement | CurrentWare Solution |
| --- | --- | --- |
| SI.L2-3.14.7 | Identify unauthorized use | Monitor web, application, and file activity |
How CurrentWare Simplifies CMMC Compliance
CurrentWare provides essential endpoint controls, monitoring, and evidence logs required for both CMMC Level 1 and Level 2, without complex deployments or heavy infrastructure.
Plug-and-Play Deployment
Fast installation for on-premises, hybrid, or air-gapped environments.
Endpoint Security + Monitoring + DLP in One Suite
Protect endpoints handling FCI and CUI with unified controls.
Audit-Ready Logs Mapped to CMMC Controls
All user activity logs are mapped to AC, AU, MP, CM, and SI requirements.
USB Whitelisting + File Transfer Tracking
Meet media accountability requirements and prevent unauthorized use of removable storage.
Products Used for CMMC Compliance
- AccessPatrol: USB & removable media control
- BrowseControl: Web filtering, port blocking, application control
- BrowseReporter: User activity monitoring, log retention, anomaly visibility
CMMC Compliance Checklist for DoD Contractors
Access Control
- Enforce least privilege
- Restrict ports, sites & apps
- Block mobile phones and removable devices
- Allowlist trusted systems only
Media Protection
- Whitelist approved USB devices
- Track file transfers
- Store logs for audit investigations
Audit Logs
- Record user activity across endpoints
- Retain evidence for assessments
Configuration Management
- Block nonessential apps and services
- Limit endpoint functionality
System Integrity
- Detect unauthorized use
- Monitor applications, browsing, and file actions