CMMC Practice AC.2.016: Control the flow of CUI in accordance with approved authorizations.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
Flow control regulates where and how information can flow. Firewalls and proxy servers can be used to control traffic flow. Typically, organizations will have a firewall between the internal network and the internet. Often multiple firewalls are used inside a network to create zones to separate sensitive data, business units or user groups. Proxy servers can be used to break the connection between multiple networks. All traffic entering or leaving a network is intercepted by the proxy, preventing direct access between networks. This can have security and performance benefits. Additionally, organizations should ensure that all sensitive information is encrypted before being transmitted over the internet.