The U.S. Department of Defense (DoD) requires all contractors doing business with the DoD to implement CMMC regulations to meet certain security protocols. CMMC, formally known as the Cybersecurity Maturity Model Certification (CMMC), requires the use of data containerization in order to protect government/business information. For organizations needing to adhere to CMMC guidelines, SyncDog serves as a trusted ally in achieving data containerization in mobility.
Between November 15th – 18th, SyncDog will be at the Deltek ProjectCon Conference in Nashville, Tennessee demonstrating how SyncDog’s Trusted Mobile Workspace, Secure.Systems, can accelerate CMMC compliance.
What CMMC Requires
CMMC is designed to protect federal contract information (FCI) and controlled unclassified information (CUI) across three levels of certification, based on a combination of self-assessments and third-party assessments:
- Level 1: The foundational level, covers FCI and, once CMMC is fully implemented, will require self-assessments on an annual basis.
- Level 2: Advanced, includes CUI and will require a combination of annual; self- and third-party assessments. Its requirements will be based on the National Institute of Standards and Technology’s SP 800-171 guidelines for protecting CUI.
- Level 3: Expert, covers enhanced requirements for CUI, based on a subset of NIST SP 800-172, and will require triennial third-party assessments.
CMMC applies to information on contractors’ unclassified networks. If a contractor handles only FCI, it can stick to Level 1. But if it handles any CUI in addition to FCI, it must start at Level 2. The DOD has estimated that about 140,000 companies in the DIB will fall under Level 1, with about 80,000 starting at Level 2.
CMMC boils down to the need to start securing government FCI and, especially, CUI data everywhere it is being accessed and utilized, and to protect it correctly—notably by using validated FIPS 140-2 256-bit encryption. In order to implement CMMC efficiently and pass a CMMC audit, contractors must make sure they have addressed every endpoint, including mobile endpoints, with the right solutions to ensure that data is secured everywhere it flows.
SyncDog Supports CMMC Compliance
Data containerization rules embody a more fundamental security approach, particularly with respect to mobile. SyncDog’s Trusted Mobile Workspace, Secure.Systems, takes containerization to the next level by offering industry-leading containerized security in conjunction with a full suite of productivity applications that provides a desktop-like experience on mobile devices. Implementing Secure.Systems empowers organizations to transition away from providing and managing corporate devices and experience the flexibility of BYOD without the threat of losing or exposing corporate data.
To read more about the data containerization and mobility requirements of CMMC, check out our CEO and Founder Jonas Gyllensvaan’s thoughts in his article on SecurityInfoWatch.