CMMC

    Meet the Future of DIBCAC
    Compliance Head-On

    Guard your Covered Unclassifed Information. Sharetru embraces the definiton of FedRAMP Equivalency, and meets the requirements of CMMC Level 2 compliance for file sharing, ensuring the integrity of the information that fuels our nations front lines.

    Amplifying Cybersecurity in the DIB:
    A Guided Approach

    But what sets Sharetru apart is its commitment to evolution. As the landscape of cybersecurity shifts and the stipulations of CMMC change, Sharetru adapts. With a robust platform ready to handle the current CMMC 2.0 and all future updates, Sharetru is a partner in your journey towards impeccable data protection, prepared to evolve alongside you.

    Sharetru isn't merely a platform for compliant file sharing and transfer; it's your companion in a world where data protection is paramount. So, ready to make your cybersecurity efforts for CMMC 2.0 file sharing smoother and more effective?

    Imagine effortlessly meeting the complexities of CMMC compliance for file sharing. That's exactly where Sharetru shines. It's not just a platform; it's a solution built on a profound understanding of the intricacies of cyber protection standards for the Defense Industrial Base.

    You see, Sharetru isn't just about checking compliance boxes. It's about going beyond them, by offering our Advanced Security and Compliance Platform designed to streamline your cybersecurity efforts, making sure they meet and even exceed the stringent requirements of CMMC and NIST SP 800-171.

    Sharetru Custom Images_File Shar (1)

    Ready-to-Use Compliance Framework

    With Sharetru's CRM and SSP, defense contractors are equipped with ready-to-use tools that align with CMMC requirements. This significantly reduces the time and effort needed to achieve compliance, allowing contractors to focus on their core business operations.

    Sharetru Custom Images_User Mana

    Demonstrated FedRAMP Moderate Equivalency

    Sharetru's comprehensive documentation means that it already meets the requirements for FedRAMP moderate equivalency as laid out by 32 CFR 170. This is not just compliance – it's a benchmark of security excellence that Sharetru brings to its clients.

    Sharetru Custom Images_Site Settings - Hero

    Streamline Your Audit and Assessment Processes

    The clarity and thoroughness of Sharetru's CRM and SSP streamline the audit and assessment processes when reviewing your file sharing and file transfer platform. Contractors can confidently demonstrate their compliance to the DoD, knowing that their cloud services are backed by Sharetru's robust security framework.

    Sharetru Custom Images_Transfer Compatibility - Hero-1

    Enhanced Trust and Reliability

    Choosing Sharetru is more than a compliance decision; it's a strategic move towards enhancing trust and reliability in the defense supply chain. Sharetru's solutions ensure that sensitive unclassified information is protected in line with the highest federal standards.
    Sharetru Custom Images_HomePage - Hero-1

    Future Proofing Against Evolving Threats

    In an era where cyber threats are constantly evolving, partnering with Sharetru means staying ahead of the curve. Sharetru's commitment to updating its CRM and SSP in response to new threats and standards ensures long-term resilience and security.

    How We Help Some of the of the Biggest Names Achieve CMMC Compliance

    Don’t let organizational file sharing and transfers be an afterthought. Vet file sharing services for compliance ahead of time, and make sure your solution aligns with CMMC guidelines by providing sufficient controls in the below areas.

    ShareTru Icons_Access Controls
    Identification and Authentication Verify User Identity

    Implement password controls, multi-factor authentication, and identity service integration through SAML 2.0 from the admin console. Strengthen your login security over SFTP with SSH keys instead of risking the loss or theft of passwords.

    ShareTru Icons_Multi-Factor Authentication
    Access Control Block Unauthorized Users

    Take advantage of folder-level access control to keep users who shouldn’t have access to CUI out of the folders that contain it. Flexible permissions help you put safeguards in place to keep unauthorized users out of your mission-critical systems.

    ShareTru Icons_Defend National Security
    Physical Protection Enjoy Fortress-Like Security You can relax knowing that our infrastructure is protected with biometric scanning for access, a man trap for entry, caged infrastructure, and perimeter security including armed guards. Our datacenters keep your data stowed away for your eyes only.
    ShareTru Icons_Accountability
    Audit and Accountability Maximize Platform Visibility Connect through SFTP and import log data to your SIEM, or export log data through our API. You can view all your reports on one intuitive dashboard to simplify analysis and leverage insights to enhance your cybersecurity efforts.
    ShareTru Icons_Protect Data and Systems
    System and Communications Protection Safeguard Sensitive Data

    Keep administrator roles clearly delineated from user roles for added control and security. Strengthen your authentication processes for SFTP users with IP address restrictions that can be set by by protocol and by user.

    NIST SP 800-171

    Shielding Sensitive Data: Robust CUI Protection in Quickly Changing Landscapes

    But why is Sharetru the right choice for protecting CUI? The answer lies in our experienced comprehension of security requirements, particularly those stipulated by the NIST SP 800-171 and CMMC guidelines. Sharetru's Advanced Security and Compliance Platform features are tailored to address these specific requirements, providing you with an efficient and effective solution to ensure the confidentiality of CUI in nonfederal systems.

    It's not a theoretical promise, but a practical reality that has been thoroughly demonstrated in our role as an invaluable tool for government contractors for 23 years. They've relied on us to navigate the intricate maze of data protection and compliance, reinforcing Sharetru's position as a leading player in managing sensitive data.

    Imagine if securing controlled unclassified information (CUI) within nonfederal systems was as effortless as, say, uploading a file. That's where Sharetru comes into play.

    Sharetru is more than just a platform - it's an intelligently designed solution, deeply ingrained with an understanding of how to protect CUI in an increasingly digital world.

    If you're seeking a reliable, future-proof partner in protecting CUI in nonfederal systems, look no further. Sharetru is here to safeguard your data, one file at a time.

    Preparing for CMMC?

    We understand the journey to CMMC compliance isn’t just about reaching a destination; it’s about navigating the path with confidence, clarity, and continuous vigilance. And that's precisely what Sharetru equips you with when it comes to file transfer and file sharing.

    Understanding the Requirements

    Start by understanding what CMMC 2.0 entails. It's not enough to know it's about cybersecurity; you need to delve deeper into the specifics of the framework. Understand the controls and processes it mandates and how they apply to your operations. Realize the magnitude of its emphasis on protecting Controlled Unclassified Information (CUI).

    Why Sharetru is Key: Sharetru is rooted in a comprehensive understanding of CMMC 2.0. The platform is built with the precise goal of meeting and exceeding the framework's requirements, offering the tools and features that align with its stipulations. Sharetru is a guide and partner in helping you understand and meet CMMC 2.0 requirements for file transfer and file sharing.

    Assess Your Current State

    Next, undertake a thorough evaluation of your current cybersecurity measures. Determine how they align with the CMMC 2.0 standards and identify any gaps. This requires a comprehensive audit of your systems, processes, and controls to understand where you stand in relation to CMMC 2.0 compliance.

    Why Sharetru is Key: Sharetru isn't just a platform for meeting compliance - we're a partner in implementing the platform. As a customer, we provide you with Responsibility Matrix enabling you to quickly pinpoint what controls to implement for your users. We put you in a better position to work towards full compliance for file sharing.

    Implementing and Monitoring

    Implementing the necessary changes to meet CMMC 2.0 requirements, and monitor your systems continuously for any potential issues isn't a one-off project; it's a continual process that requires regular checks and updates.

    Why Sharetru is Key: Sharetru isn't a static platform. We're continuously updating and improving it as an active ally in both implementation and development. Our features are designed to not just meet CMMC 2.0 standards but to maintain them over time. Sharetru allows you to track and manage your file sharing activities effectively with our permanent, immutable logs making it a vital tool in your ongoing efforts to remain CMMC 2.0 compliant.

    Frequently Asked Questions
    About Sharetru and CMMC

    F.A.Q.

    Does Sharetru have a Customer Responsibility Matrix (CRM) for CMMC?

    Absolutely! Sharetru is proud to offer a specialized CRM designed specifically for CMMC Level II compliance. Not only does our CRM align with the requirements of CMMC Level II, but it also cross-references the standards set by NIST 800-171, ensuring a comprehensive approach to compliance and security. We understand the importance of this information for our customers and prospective clients. Therefore, we're more than happy to make this CRM available to you. Please note that due to the sensitive nature of the information, we provide access to this CRM under a Non-Disclosure Agreement (NDA). If you're interested, reach out to our team, and we'll guide you through the next steps.

    Where does Sharetru host your CUI data?

    At Sharetru, we prioritize the security and integrity of your data. We are proud to affirm that all our data is exclusively hosted in U.S. datacenters. Furthermore, on our Advanced Security and Compliance Platform, even our disaster recovery datacenter is located within the U.S. in FedRAMP Moderate Authorized datacenters. To bolster our commitment to data security, since our inception, every single employee at Sharetru has been a U.S. citizen. This ensures a consistent understanding and adherence to U.S. data protection standards. You can rest assured knowing that with Sharetru, your data remains on American soil, managed by a team deeply rooted in the values and regulations of the U.S.

    Does Sharetru have SSO (Single Sign-On) integration?

    Yes, Sharetru offers SSO integration as part of our Performance and Enterprise plans. This integration allows for a streamlined and secure login process for users. With SSO, you can differentiate and control who has access to login. Additionally, you have the flexibility to align users either to our native method, which utilizes a username and password, or to the SSO method. Our system is also capable of creating new user accounts automatically when their first login is through SSO, providing ease of access while maintaining security standards. This feature ensures a convenient and efficient user experience while adhering to high-security protocols

    What level of experience does Sharetru have with CMMC?

    Sharetru has significant experience with the Cybersecurity Maturity Model Certification (CMMC) framework. Since 2018, we have been diligently working with our clients to meet the requirements of NIST 800-171. Given that the same 110 controls required for NIST 800-171 are also integral to CMMC 2.0 Level 2, we have effectively been addressing the CMMC 2.0 standards for the sharing of Controlled Unclassified Information (CUI) alongside our clients for over 5 years. This extensive experience places Sharetru among the most seasoned file transfer software providers in the market when it comes to complying with CMMC 2.0 requirements.

    Is Sharetru FedRAMP Moderate Authorized?

    We're committed to ensuring the highest standards of security and compliance for our customers. To that end, our Advanced Security and Compliance Platform employes Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) that are both FedRAMP moderate authorized. We understand the critical importance of this authorization, especially for clients navigating the stringent requirements of sharing CUI. Recognizing this, we've initiated the process of obtaining FedRAMP moderate authorization for our Software as a Service (SaaS) layer as well. Additionally, we've developed a System Security Plan (SSP) for FedRAMP moderate equivalency, further solidifying our dedication to helping you meet and exceed the rigorous standards set by DFARS 242.204-7012 and NIST 800-53.

    What's the definition of FedRAMP Equivalency?

    The official government definition of FedRAMP Moderate equivalency is what Sharetru follows, and it matches the requirements of DIBCAC. The exact definition per 32 CFR 170 is as follows: "Equivalency is met if the OSA has the CSP's System Security Plan (SSP) or other security documentation that describes the system environment, system responsibilities, the current status of the Moderate baseline controls required for the system, and a Customer Responsibility Matrix (CRM) that summarizes how each control is MET and which party is responsible for maintaining that control that maps to the NIST SP 800–171 Rev 2 requirements."

    Can I store CDI, CUI, and CTI in Sharetru's Advanced Security and Compliance Platform?

    Yes, you can store Controlled Defense Information (CDI), Controlled Unclassified Information (CUI), and Cyber Threat Intelligence (CTI) in Sharetru's Advanced Security and Compliance Platform. Our platform provides the necessary controls to meet the requirements of CMMC 2.0 Level 2, which align with the standards of NIST 800-171. We have been effectively addressing the requirements of NIST 800-171 with our customers since 2018. This experience and our adherence to these standards ensure that your sensitive information is managed securely and in compliance with the latest regulatory guidelines.

    What encryption does Sharetru employ?

    Sharetru employs state-of-the-art encryption techniques to ensure the utmost security of your data. For data at rest, we utilize Advanced Encryption Standard (AES) with a 256-bit key length, one of the most secure encryption methods available. When it comes to data in transit, we rely on Transport Layer Security (TLS) 1.2 to safeguard your information as it moves between systems. If you're interested in encrypting at the file level, it's essential to note that this requires specific training for your users before uploading files. We've consciously chosen not to encrypt at the file level because having access to your encryption keys can pose a security risk for you. Our priority is to strike the right balance between accessibility and security, always keeping your best interests at the forefront.

    sharetru-symbol-white

    Ready to ask your questions?

    Bad actors are getting smarter by the day. Let us help you protect sensitive data so it doesn't fall into the wrong hands and risk your contractor status. See how Sharetru does this for you and more by scheduling a demo today.

    Book Your Demo