You might be asking yourself, “why are collaboration platforms competing with Managed File Transfer (MFT)?” Great question. Normally, they don’t, and to be honest -- they shouldn’t. These are not the same. The commonality regarding these two is mainly that files can be stored or sent within MFT and MFT as-a-Service (MFTaaS) platforms, as well as within collaboration platforms. However, as we’ll see later, it’s not without difficulty if you’re trying to use a collaboration tool like Microsoft O365 as a MFTaaS tool.
This blog post is the culmination of our Securing the Supply Chain series. In our second blog post Securing the Supply Chain - Meeting NISP SP 800-171 R2 we provided information on meeting compliance with DFARS (Defense Federal Acquisition Regulation Supplement) contracts clause 252-204-7019, which triggers your compliance with NIST 800-171 R2 by uploading your self-assessment, System Security Plan, and any Plan of Accreditation & Milestone (POA&M - Plan Of Actions and Milestones) to SPRS (Supplier Performance Risk System) system. Our initial blog covered what the government wants you to protect, the interim rule, Cybersecurity Maturity Model Certification (CMMC) levels, and how to get started. In this blog we start the journey toward meeting compliance with CMMC. We begin with first meeting compliance with NIST SP 800-171 R2, the latest self-assessment and self-attestation standard. Ultimately, over the next five years (by 2026), you will be required to meet DFARS contract clause 252-204-7021, which will trigger compliance with appropriate level of CMMC compliance. The Cybersecurity Maturity Model Certification (CMMC) is a compliance framework for Defense Industrial Base (DIB) contractors to safeguard intellectual property of United States. DIB contractors must properly safeguard, disseminate, and destroy Controlled Unclassified Information (CUI). As a DIB contractor, you will need to comply with the appropriate CMMC maturity level to renew a contract, compete for a new contract or receive an award of a contract. In this blog we give you the information you need to meet CMMC compliance.
Are you trying to select a new file sharing solution, but you have a few questions first? Explore these common questions about file sharing solutions and find out their answers.
This blog post is a continuation of The CMMC Basics where we covered what the government wants you to protect, the interim rule, Cybersecurity Maturity Model Certification (CMMC) levels, and how to get started. In this blog we start the journey toward meeting compliance with CMMC. We begin with first meeting compliance with NIST SP 800-171 R2, the latest self-assessment and self-attestation standard. The United States government is challenged with securing the supply chain to reduce theft of intellectual property, collection of intelligence by foreign adversaries, and introduction of counterfeit products. The Department of Defense (DoD) must assure that the mission of the warfighter is not compromised, furthermore the research and development, ideas and product specification are not stolen. As we become more of an interconnected world, this will be more challenging, so you must take steps to assure that you are keeping your information safe as a Defense Industrial Base (DIB) vendor. If you are among the over 300,000 hardworking vendors supporting the DoD — be proud and be ready to do your part in helping America’s continued prosperity.
The United States of America is increasing attention on cybersecurity to ensure the prosperity of the American people. Public and private entities must secure systems, and networks from adversaries with malicious purpose. In this effort to secure Federal networks, one of the areas of focus for the government is the Federal Supply Chain and strengthening the security of United States Government contracting systems. The global nature of the Internet allows all countries to participate in communication, commerce, and free exchange of ideas – allowing for true prosperity. Access to something as powerful as the Internet presents opportunities for outside nations to conduct espionage, steal intellectual properties, cybercrimes, and remotely attack critical infrastructure.