PC-DMIS CMMs on a CMMC/NIST 800-171 IT network

I work for a job shop that does some aerospace/military work. Some of our defense customers are telling us we need to get a Department of Defense "Cybersecurity Maturity Model Certification" (CMMC) per the NIST 800-171 cybersecurity standard in order to continue doing work for them. We started looking into the requirements for this, and one of the foundational ones is that computer system users are "authorized" and "identified". We don't see a way around this other than giving everyone who touches a computer their own computer account, and making them log into it in order to do things.

Right now, we have a dummy user named "CMM" that has administrative privileges on the CMM computers. This user is logged in pretty much all the time with PC-DMIS open, and any of our couple dozen machinists can walk up to the CMM, open their program from the network drive where they all reside, and run their part.

In order to give each machinist their own user, they would have to walk up to the computer, sign in (hopefully we could do this with a prox card instead of a password), open PC-DMIS, run their program, and then log off. I have to think PC-DMIS would probably get grumpy with starting and stopping constantly, and/or that the connection to the machine control would hang up at some point and hold up the whole show. Plus, any "user" settings would have to be duplicated exactly across a potentially-varying list of a couple dozen accounts.

Does anyone have experience using PC-DMIS in a CMMC-level IT environment? Does anyone have experience in a multi-user environment like I'm imagining and describing above? How did you set up PC-DMIS? How did it handle it?
  • Thank you guys! I missed the reference to "shared accounts" in the spec. We would probably use some kind of prox card for authentication. We'd have to figure out how to have different cards unlock the same account, but there should be a way for Windows to do that...

    We should probably turn off the internet anyway, as much as it's handy for debugging. We need the intranet, as all of our programs are stored on our file server for backup purposes.