LinkedIn

Understanding the evolution of DoD’s FedRAMP Moderate Equivalency Requirements for CSPs

2024-04-03T13:14:40+00:00

By Les Buday, Managing Director FedRAMP Moderate Equivalency is Born In October of 2016, the Department of Defense (DoD) issued Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 which, in part, includes considerations for cloud service providers (CSPs) used by DoD contractors to store, process, or transmit covered defense information (CDI)/controlled unclassified information (CUI). In [...]

Understanding the evolution of DoD’s FedRAMP Moderate Equivalency Requirements for CSPs2024-04-03T13:14:40+00:00

Multifactor Requirements for CMMC

2022-06-08T19:14:04+00:00

By Greg Kent, Senior Vice President, CTO CMMC requirements for multifactor authentication (MFA) seems to stump many SMBs.  CMMC control IA.L2-3.5.3 requires Federal contractors to "Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts."  But what exactly does this mean? Understanding some NIST terminology is essential [...]

Multifactor Requirements for CMMC2022-06-08T19:14:04+00:00

Clarifying Cloudy Responsibilities for CMMC Success

2022-05-12T19:00:16+00:00

By Connor Payne With CMMC generally consisting of a “follow the data” exercise, DoD contractors often underestimate their reliance on third-party vendors to store, protect, process, or transmit CUI data. Many small and midsize businesses (SMBs) rely heavily on managed service providers (MSPs) and even more refined services such as managed security service providers (MSSPs), [...]

Clarifying Cloudy Responsibilities for CMMC Success2022-05-12T19:00:16+00:00

Shared Responsibilities: You’re Not (Totally) Off the Hook

2022-06-08T19:13:25+00:00

By Connor Payne Inherited controls from a cloud service provider such as Amazon Web Services (AWS) or Microsoft Azure include physical and environmental controls that a customer fully inherits from the provider. In general terms, shared responsibility means that the cloud service provider is responsible for the security of the cloud while the customer is [...]

Shared Responsibilities: You’re Not (Totally) Off the Hook2022-06-08T19:13:25+00:00

CMMC, Take 2.0 – 3 Strategic Tips for Success

2022-01-29T03:21:11+00:00

By Les Buday, Managing Director “Streamlined. Flexible. Secure.” This is the tagline listed on the CMMC website managed by the Office of the Under Secretary of Defense (OUSD) Acquisition & Sustainment (A&S). On this website you can find all of the information regarding the newly redefined Cybersecurity Maturity Model Certification (CMMC) program. More commonly referred to as [...]

CMMC, Take 2.0 – 3 Strategic Tips for Success2022-01-29T03:21:11+00:00

Follow the CUI for CMMC Compliance

2022-01-12T20:27:39+00:00

By Greg Kent “Follow the CUI.”  That is the standard practice that DoD contractors follow to determine exactly what system components and networks are within the scope boundary for Level 3 Cybersecurity Maturity Model Certification (CMMC) compliance.  Any system, network, or component that is used to store, process, transmit, or secure CUI should be included [...]

Follow the CUI for CMMC Compliance2022-01-12T20:27:39+00:00

VDI for CUI

2022-02-04T18:53:42+00:00

By Josh Griswell One approach that contractors can take in approaching CMMC is including all of their infrastructure within the scope boundary for a CMMC certification. This means that all of the company’s components and devices would have to follow the processes and practices required by CMMC. The larger the company’s environment, the more complex [...]

VDI for CUI2022-02-04T18:53:42+00:00

Sharpen Your Pencils for CMMC

2022-02-04T13:39:59+00:00

By Greg Kent Fall will be here before you know it, so now is a good time for DoD contractors to review their business development and contract strategy for the coming year. With CMMC being required for bidding on new contracts towards the end of 2020, there are big changes on the horizon. Once the [...]

Sharpen Your Pencils for CMMC2022-02-04T13:39:59+00:00

CMMC Solutions for Defense Contractors

2022-01-12T19:57:11+00:00

Compliance with the Cybersecurity Maturity Model Certification (CMMC) program requires DoD contractors to undergo cybersecurity audit and certification, beginning in 2020/2021. Based on NIST 800-171 controls, the CMMC will be a single standard for all DoD contracts. Previous regulations for DoD contractors handling controlled unclassified information (CUI) allowed for self-certification of compliance with appropriate NIST 800-171 [...]

CMMC Solutions for Defense Contractors2022-01-12T19:57:11+00:00

CMMC Compliance Solutions

2022-02-04T14:14:59+00:00

Compliance with the Cybersecurity Maturity Model Certification (CMMC) program requires DoD contractors to undergo cybersecurity audit and certification, beginning mid 2020. CMMC will be a single standard for all DoD contracts that considers the security control and the institutionalization of cyber processes across a contractor's enterprise assets including development environments for mission systems. Previous regulations [...]

CMMC Compliance Solutions2022-02-04T14:14:59+00:00
© Copyright  |   All Rights Reserved | Design and Development by Marketlocity
LinkedIn
Go to Top