END-14.2: Explicitly Indicate Current Participants

There is no evidence of a capability to provide an explicit indication of current participants in online meetings and teleconferences.

C|P-CMM1 is N/A, since a structured process is required to provide an explicit indication of current participants in online meetings and teleconferences.

C|P-CMM2 is N/A, since a well-defined process is required to provide an explicit indication of current participants in online meetings and teleconferences.

Endpoint Security (END) efforts are standardized across the organization and centrally managed, where technically feasible, to ensure consistency. CMM Level 3 control maturity would reasonably expect all, or at least most, the following criteria to exist:

• Configuration management is centralized for all operating systems, applications, servers and other configurable technologies.
• Technologies are configured to protect data with the strength and integrity commensurate with the classification or sensitivity of the information and conform to industry-recognized standards for hardening (e.g., DISA STIGs, CIS Benchmarks or OEM security guides), including test, development, staging and production environments.
• Configurations conform to industry-recognized standards for hardening (e.g., DISA STIGs, CIS Benchmarks or OEM security guides) for test, development, staging and production environments.
• An Identity & Access Management (IAM) function, or similar function, centrally manages permissions and implements “least privileges” practices for the management of user, group and system accounts, including privileged accounts.
• An IT Asset Management (ITAM) function, or similar function, categorizes endpoint devices according to the data the asset stores, transmits and/ or processes and applies the appropriate technology controls to protect the asset and data that conform to industry-recognized standards for hardening (e.g., DISA STIGs, CIS Benchmarks or OEM security guides).
• A Security Operations Center (SOC), or similar function, centrally manages anti-malware and anti-phishing technologies, in accordance with industry-recognized practices for Prevention, Detection & Response (PDR) activities.
• A Security Incident Event Manager (SIEM), or similar automated tool, is tuned to detect and respond to anomalous behavior that could indicate account compromise or other malicious activities.
• The Human Resources (HR) department ensures that every user accessing a system that processes, stores, or transmits sensitive/regulated data is cleared and regularly trained in proper data handling practices.
• Unauthorized configuration changes are responded to in accordance with an Incident Response Plan (IRP) to determine if the any unauthorized configuration is malicious in nature.

See C|P-CMM3. There are no defined C|P-CMM4 criteria, since it is reasonable to assume a quantitatively-controlled process is not necessary to provide an explicit indication of current participants in online meetings and teleconferences.

See C|P-CMM4. There are no defined C|P-CMM5 criteria, since it is reasonable to assume a continuously-improving process is not necessary to provide an explicit indication of current participants in online meetings and teleconferences.