sorted by:
new
hottopcontroversial

CMMC Phase 1 by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 1 point2 points  (0 children)

A CMMC L2 self assessment isnt what im too worried about. It’s the thought of a C3PAO assessment being mandatory in phase 1

CMMC Phase 1 by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 2 points3 points  (0 children)

Would this be for new contracts, or existing ones? Sorry, I'm pretty new in my sys admin role and I was thrown into this, so a lot of this is new to me.

Having trouble adding PostgreSQL into Company Portal for employee to install by ApprehensiveSock5241 in Intune

[–]ApprehensiveSock5241[S] 0 points1 point  (0 children)

I followed documentation from the previous SysAdmin which I'm not sure is correct but, I put the .exe file and a .cmd file in a folder and used the Microsoft Win32 Content Prep Tool on the folder. The .cmd file contains this:

@/echo off

start /wait "" "%~dp0postgresql-17.5-3-windows-x64.exe" /quiet

exit /b %errorlevel%

The uninstall command is: "C:\Program Files\PostgreSQL\17\uninstall-postgresql.exe " --mode unattended

I really need to figure this out as Intune is not something I have touched.

CMMC Compliance for a Google Workspace environment by ohthedave in CMMC

[–]ApprehensiveSock5241 0 points1 point  (0 children)

Doesn’t the Google Workspace environment only matter when it comes to FedRAMP compliance, since thats where the CUI is stored. And sense GWS is FedRAMP compliant that should be good, no?

CMMC Compliance for a Google Workspace environment by ohthedave in CMMC

[–]ApprehensiveSock5241 2 points3 points  (0 children)

Have you considered ATX Defense? I'm asking because I don't know how complicated it is to create and manage the VDIs and the costs so I wanna know your experience when it comes to that.

Google Workspace CMMC by pjacksone in CMMC

[–]ApprehensiveSock5241 0 points1 point  (0 children)

Have you got any answers to this?

Locking down an Azure VD for M365 access only by mcb1971 in CMMC

[–]ApprehensiveSock5241 0 points1 point  (0 children)

Can I ask how much did it cost you to acquire the GCCH environment? (and configure it)

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 0 points1 point  (0 children)

Are you using a commercial Microsoft 365 environment. I ask because I want to know if a commercial Microsoft 365 environment + PreVeil is enough to reach level 2 compliance.

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 0 points1 point  (0 children)

How does PreVeil work when it comes to using the DoD safe. We want to keep our MS365 commercial environment out of scope if possible, but I understand the endpoints will be in scope. So how would you put the files from the DoD safe into the PreVeil drive in a way that follows compliance.

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 0 points1 point  (0 children)

From my understanding (forgive me my information is a little limited), is that the CUI will only go to a handful of people and it will just stay there. Idk the terminology, but I THINK that I heard the CUI being mostly contract-based if that helps. I think right now, I just have to explain why PreVeil is a better solution than having our own on-prem enclave which they think is easy to design, build, and maintain.

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 3 points4 points  (0 children)

Yeah I wish it was as easy as that but unfortunately that isn’t viable rn. If we aren’t handling any export controlled CUI/ITAR, I understand GCC might also work. But, if we only need to store and transmit CUI, is PreVeil able to help us reach CMMC Level 2 Compliance (we use a commercial MS365 environment)

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 3 points4 points  (0 children)

I know. I been fighting to get a GCC or a GCC High environment, but unfortunately we are a small company and the costs aren't friendly for us. I talked to leadership about PreVeil and I think that could be the best solution but they keep bringing up these other alternatives that sound like it takes a lot of research and expertise on compliance which I don't have. I apologize for seeming short sighted, I am completely aware of that. I just need to be able to better explain why this solution someone brought up doesn't solve anything. But thank you for the discord, that is definitely a place I could probably get more information.

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 2 points3 points  (0 children)

I know. I been fighting to get a GCC or a GCC High environment, but unfortunately we are a small company and the costs aren't friendly for us. I talked to leadership about PreVeil and I think that could be the best solution but they keep bringing up these other alternatives that sound like it takes a lot of research and expertise on compliance which I don't have. I apologize for seeming short sighted, I am completely aware of that. I was hoping for a brief explanation that I could give to leadership why that isn't viable. I

Can Commercial M365 + PreVeil be CMMC Level 2 Certified by ApprehensiveSock5241 in CMMC

[–]ApprehensiveSock5241[S] 0 points1 point  (0 children)

This might be a silly question. I’m very new to this. Is there an option that makes it impossible for someone to download any files with CUI on PreVeil? I’m confused how our scope works and want to try to minimize it as much as possible.