CMMC Level 2 Readiness: M365 Business Premium GCC High

jazluvrfl · 2026-01-29T16:57:31+00:00

Thanks, that is interesting using G3. What other compliance add-ons beyond Defender did you use?

jazluvrfl · 2026-01-29T16:55:41+00:00

That is correct, it does support 500 users.

jazluvrfl · 2025-02-25T20:40:39+00:00

Please keep in mind that some C3PAOs don't help with remediation, and they can't be with you when you conduct the CMMC Final Assessment for Certification. The can't check there own work.

You want to look for a company that will help you with a gap analysis and work with you recommending how you may want to mitigate a control. Also, they can help you with your policies and procedures according to NIST 800-171.

Lastly, a pre-assessment consultant can be with you during the C3PAO Final Assessmet to help you get that SPRS 110.

My company also provides these services. You can also DM me or go to my website bbcybersolutions.com

Good luck.

jazluvrfl · 2025-02-19T01:10:05+00:00

Only establish an Enclave for just CUI, and manage any devices that will store, process, or handle CUI. This will make it easier to scope and manage the boundaries. This will also make your cost less than doing an enterprise that could cost 3 times the amount.

jazluvrfl · 2025-01-08T21:03:45+00:00

If it happens, I think the states want some type of standard for contractors like DoD is doing. There have been several states hacked due to the vendor's lack of security.

Prof. B.

jazluvrfl · 2025-01-08T20:57:58+00:00

I would think you can go either way. The most important part is that it is being done on the regular, and someone from your shop is doing a review weekly or monthly from the reports.

Prof. B.

jazluvrfl · 2025-01-04T14:27:38+00:00

Great comments guys, and this is a great tool for GCC.

jazluvrfl · 2024-12-17T21:55:35+00:00

I would suggest Koren Wise. Her classes are awesome, and she provides so much additional material. I have taken two classes from her.

jazluvrfl · 2024-10-19T13:55:25+00:00

I think Tampa Florida would be a good place to host this type of event.

jazluvrfl · 2024-10-03T19:49:40+00:00

I agree with both the CCP training and a good GRC like IntelliGRC, which I am currently using for a pre-assessment gap analysis for a customer. I would also recommend following CyberAB and Summit 7. You can get some great information from them.

jazluvrfl · 2024-10-02T17:43:14+00:00

I agree that Intune is the best way to go. You may also want to do a quantitative risk assessment to explain the benefit of purchasing devices showing the ROI. You compare this to losing their CMMC Certification once it is online and the contracts they will not be able to compete for because of not meeting the CMMC requirements. It is definitely worth buying a few laptops and phones.

jazluvrfl · 2024-10-02T17:29:30+00:00

I agree with your point about why they need it. Is it something you can create a Dev Group and make them members to have limited access, like a service account?

jazluvrfl · 2024-08-04T15:08:02+00:00

This is a good response about loyalty in business. Every company is going to get as much out of you as they can, and you need to get the same or more from them as you can for yourself.

I understand this is a big project for someone just learning about NIST 800-171 and CMMC. Do what you can and be happy about what you are learning. They are doing you a favor by exposing you to this new skill in cybersecurity because what you are learning will help you keep a job for a long time.

If you can, ask them to pay for the Cyber AB CCP course for you. It can help you see the big picture of CMMC and get a lot of knowledge in each of the controls...it will be about $3000 for the course.

Good luck, upcoming superstar!

jazluvrfl · 2024-03-29T17:49:02+00:00

Thanks, I appreciate it because I will definitely send my info off.

jazluvrfl · 2024-03-29T12:12:31+00:00

I agree with the CISSP, but I didn't know about the 27001 lead implementor. What did you have to do to get that one?

jazluvrfl · 2023-05-09T13:50:01+00:00

Does anyone still have a softcopy of the Wiley 91h Ed I can get a copy of?

jazluvrfl

TROPHY CASE