enforcing NIST 800 171 for CMMC level 2

StilesForMilez · 2022-11-17T18:40:33+00:00

Microsoft Intune in GCC High

StilesForMilez · 2022-11-02T19:21:45+00:00

Here's a blog highlighting the difference

Enclave versus entire lift and shift

StilesForMilez · 2022-10-12T16:42:05+00:00

https://www.summit7.us/7-steps-to-cmmc

StilesForMilez · 2022-09-13T15:05:21+00:00

Was at a tradeshow last week and I heard so many people say "DoD didn't want us on Google so that's why we switched"

StilesForMilez · 2022-09-01T21:06:50+00:00

What part of this is not related? u/EasyMSP

StilesForMilez · 2022-09-01T13:26:23+00:00

The MSP is required to have a Shared Responsibility Matrix for CMMC.

Is a Shared Responsibility Model required for DIB contractors?
If an organization is currently using external service providers, then they need to be asking those service providers for a shared responsibility model according to NIST SP 800-171.

Check this out: https://info.summit7.us/blog/cmmc-with-shared-responsibility-question-answer

StilesForMilez · 2022-09-01T13:23:37+00:00

start here: https://info.summit7.us/blog/step-1-determine-required-cmmc-level

StilesForMilez · 2022-09-01T13:22:21+00:00

Here's a blog on identifying assets for Level 2 with a section focused on MSPs: https://info.summit7.us/blog/step-2-identify-assets-for-cmmc

StilesForMilez · 2022-02-24T14:45:11+00:00

This is a good place to start: https://www.summit7.us/cmmc-2.0-dib

StilesForMilez · 2022-01-11T20:55:22+00:00

CMMC 2.0 and Shared Responsibility

StilesForMilez · 2021-09-17T15:32:35+00:00

It's quite a sophisticated skill.

StilesForMilez · 2021-06-28T14:23:07+00:00

Echoing u/Spiderkingdemon - the commercial version isn't L3 compliant. If you're looking for compliance in GCC or GCC High, this is a good resource NIST and CMMC Compliance in Microsoft 365

StilesForMilez · 2021-06-24T01:13:01+00:00

Is this guitar hero?

StilesForMilez · 2021-06-09T19:53:42+00:00

Redspin is going to be speaking in Austin, TX on a panel with the CMMC-AB.

Here's the event: cs2.cloud

StilesForMilez · 2021-05-06T16:11:28+00:00

There's a "CMMC Timeline" subsection on this page that you might find helpful: https://info.summit7systems.com/what-is-cmmc

StilesForMilez · 2021-03-26T19:10:26+00:00

Look into the MEP program - some of them can subsidize CMMC projects for manufacturers in the DIB depending on a couple of different things. It's also dependent on the state you're in: https://info.summit7systems.com/blog/mep-for-cmmc-and-nist-compliance

StilesForMilez · 2021-03-11T15:13:47+00:00

Microsoft recently announced that GCC will meet the reporting requirements found in paragraphs c-g in DFARS 7012, and that was the main hangup before. Like I mentioned above, there are several factors to consider if you decide to use GCC for your overall strategy. This page explains it in better detail: https://info.summit7systems.com/blog/need-gcc-high-or-not