NOTICE to All Current or Aspiring Government Contractors

New Compliance Assessment Procedures

The US Department of Defense (DOD) has always required the vetting of all contractors, but with the advancements in cyber-crime and hacking technologies, they have instituted new procedures for all businesses seeking government contracts.

The old model, NIST 800-171, has been replaced by a new program, the Cybersecurity Maturity Model Certification (CMMC). The previous method was that of SELF-Assessment, but with the new multi-level CMMC, the DOD set the standards, then outsourced it to a 3rd Party organizations, who will now be conducting all assessments and certifications.

Starting 2021, any business contracting with the DOD will have to have the minimum certification of CMMC Level 3 (there are 5 levels). All contractors can no longer obtain compliances on their won, but only through a certified body.

With the ever-growing sophistication in the world of cyber-crime, and over 300,000 government subcontractors, the DOD is tightening its grip on cybersecurity compliance. These contractors range from the largest corporations to the smallest. Companies the size of a Lockheed Martin will have little or no problem with these new 3rd Party Compliances.

However, smaller businesses that depend on DOD contracts will typically have to revamp their IT. There will be no more ‘casual’ attitudes towards their IT. We know of a few companies that were having ‘the owner’s nephew (or brother, friend, etc.) doing their IT on an ‘as needed’ basis. This will no longer allow access to DOD work. As such, all contractors will need to work with a CMMC Certified IT Company to ensure that any government data is secure.

IT Support LA is just such a CMMC Certified IT Company

Working with us not only satisfies that requirement, but we can also guide you through the new processes and help you obtain the compliances you need to continue or begin working as a DOD contractor. As for the actual security compliance for your network, our own security measures are more stringent and iron-clad than what the government requires in many areas of concern.

Aside from our vast menu of ‘ Standard’ IT services, we also provide:

  • Managed IPS, Firewall, and Security
  • CMMC Compliance Assessment
  • CMMC Compliance Management
  • Policy Development Collaboration
  • CMMC Security Implementation Guides
  • Security Scans and Analysis
  • Advanced Threat Protection
  • Intrusion Detection & Response
  • Data Breach/Data Loss Prevention
  • Disaster Recovery & Restoration
  • Forensic Analysis

An excellent first step is to assess where your system is NOW

We offer a 100% FREE Network & Security Assessment and Audit. There is no obligation, no strings attached. We perform a non-intrusive scan that will show every vulnerability in your system. We then produce a comprehensive report that is yours to keep – to use as you see fit.

Your comprehensive security report, delivered at the conclusion of the assessment, will include:

  • An executive summary
  • Overview of the assessment scope and objectives
  • Assumptions and limitations of the assessment
  • Methods and tools used
  • Design of the current environment or systems with applicable diagrams
  • Security requirements
  • Summary of findings and recommendations
  • Assessment results:
    • General control review
    • Vulnerability test
    • Risk assessment, including identified assets, threats, vulnerabilities, impact and likelihood assessment, and the risk results analysis
  • Recommended actions

Don’t wait another minute. To get started with your free, no-risk security assessment, please let us know how to get in touch with you. Your information will not be shared with any 3rd parties.

Your New and Redefined IT Experience Begins with a FREE Consultation.
Give us a call or schedule online today!