Our team of Security and IT Professionals will assist your team in assessing and correcting IT security risks to meet CMMC compliance. We have been providing IT support for DoD contracts for 10+ years and our team has maintained networks following the NIST 800-171 and NIST 800-53 standards since they were adopted.
The Office of the Assistant Secretary of Defense for Acquisition started the process of creating the Cybersecurity Maturity Model (CMMC) in March 2019. Now is the time for you to create a competitive advantage.
Our technology stack of both hardware and software, along with our documented policies, will give you the competitive advantage to comply with CMMC requirements. Once you are in compliance you can utilize our expertise to maintain your IT compliance, or you can chose to have your team do it.
The CMMC effort has had a great deal of support from our industry associations such as the National Defense Industrial Association (NDIA), the Aerospace Industries Association (AIA), and the Professional Services Council (PSC) in getting the CMMC information out to the Department of Defense supply chain. We appreciate all of these efforts to secure our collective national defense.
ATS plan for CMMC* Compliance:
GAP / Readiness Assessment – ATS will conduct a gap/readiness assessment of the clients internal network against the controls defined by the CMMC to determine what maturity level they are currently at and provide a plan of action on any findings and remediation recommendations identified during the assessment.
Remediation – Once the readiness assessment has been completed and the plan of action has been developed, our team will implement the entire remediation plan or work in conjunction with the client to remediate identified cybersecurity gaps to satisfy the CMMC requirements. Additional remediation work will be scoped and executed as individual projects, including…AD policy configurations, additional server/workstation configurations, workstation/server replacement, data backup hardware and software, peripheral hardware upgrades (firewalls, switches, routers), and physical security (cameras / door access).
Ongoing Compliance – Compliance is not a one time effort. Ongoing compliance requires management tools, settings, policies, as well as ongoing evidence collecting to support compliance. ATS compliance services include monitoring your network for any potential cybersecurity instances through standard network monitoring services, policies / procedures, internal / external vulnerability scanning, and daily internal cybersecurity monitoring. As the cybersecurity threats evolve and change, companies need to stay proactive with their compliance efforts.
Contact us to discuss a GAP Assessment of your systems.
*Based on information provided by the DoD found here: https://www.acq.osd.mil/cmmc/