Why you should never let users install their own software

At On Call, we're committed to keeping you updated on the latest compliance standards and helping you navigate the complex world of cybersecurity. In this edition of our newsletter, we want to shed light on a critical aspect of CMMC 2.0 Control CM L2-3.4.9 – Controlling and monitoring user-installed software, and why it's essential for your organization's compliance strategy.


Why Control and Monitor User-Installed Software Matters (CMMC 2.0 Control CM L2-3.4.9)


User-installed software can pose significant security risks if left uncontrolled and unmonitored. Unauthorized applications can create vulnerabilities in your systems, potentially leading to data breaches and regulatory non-compliance. CMMC 2.0 Control CM L2-3.4.9 is designed to address these risks by establishing procedures to:

  • Identify and track user-installed software.
  • Assess the security risks associated with such software.
  • Implement controls to mitigate those risks.
  • Continuously monitor for any unauthorized installations or activities.

Learn More with Our YouTube Video Lesson


To help you gain a deeper understanding of CMMC 2.0 Control CM L2-3.4.9, we've prepared a comprehensive video lesson available on our YouTube channel. This video provides insights, practical tips, and best practices for effectively controlling and monitoring user-installed software. Click the link below to watch the video now:

Click here to watch (and have a laugh!) at our Youtube channel


Have Questions? Schedule Time with Our Compliance Experts


We understand that compliance can be a complex and challenging journey. If you have any questions about CMMC 2.0 Control CM L2-3.4.9 or any other compliance-related matter, we're here to help. You can easily schedule a one-on-one consultation with one of our compliance experts. Simply click the link below to choose a convenient time:


Click here to schedule time with one of our certified compliance experts.


Our experts have extensive experience in DFARS, NIST SP 800-171, and CMMC compliance, and they're ready to assist you in achieving and maintaining compliance effectively.


Thank you for trusting On Call Compliance as your trusted compliance advisors. We're dedicated to providing you with the knowledge and resources you need to secure your organization and meet regulatory requirements.


Until Next Weeks Tip,

Backed by an award-winning cyber security and IT management team, On Call Compliance Solutions is the #1 source for CMMC, NIST SP 800-171 Compliance, DFARS and ITAR consulting. Give us a call now to schedule a free phone call with one of our compliance experts to see how we can help.

NIST SP 800-171 Compliance Experts


Fill out the form below to get a FREE consultation with one of our CMMC, NIST SP 800-171, DFARS and ITAR experts who can help you achieve your goals. There is never a fee or obligation to find out how we can help.

Contact Us