If you provide services to the federal government—specifically the Department of Defense (DoD)— Cybersecurity Maturity Model Certification (CMMC) compliance applies to your business. The requirements in CMMC are intended to verify the cybersecurity practices and processes of those who handle controlled unclassified information are effective.
While currently affecting Federal Service Integrators and Government Contractors who work with the DoD, the requirement many expand beyond the DoD, so it may eventually benefit all contractors to learn more about CMMC.
Although CMMC applies to contractors of all sizes, small and medium contractors will likely feel the greatest burden, as the primary challenges to gaining CMMC certification will be time.
The time concern is especially valid as time is money for small and medium-sized businesses. The effort, in terms of instituting new and changing existing processes, and an understanding of which tools currently in place can be used toward certification is especially key.
Many SolarWinds customers are already using our IT management and monitoring solutions to prepare for CMMC and comply with numerous other compliance requirements such as NIST 800-171.
If you want to learn more about CMMC, we have some resources to help:
Have you earned a CMMC certification? Share your experience in the comments below.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.