CMMC for Office Equipment/MSPs
The Cybersecurity Maturity Model Certification (CMMC) program final rule is in the books. After more than five years in development, we now know exactly what is required of contractors in the defense industrial base (DIB) in order to secure contracts with the U.S. Department of Defense. More importantly for MSPs, we now know how IT managed services fit into the program. For the first time, MSPs are directly connected to their clients' compliance requirements regarding the services they provide. Stipulations within the rule specifically state that the services and assets of external service providers, which include MSPs, are within the scope the contractor's CMMC Assessment. Failure of an MSP to provide adequate documentation and evidence of compliance with the requirements will cause the contractor to fail its CMMC Assessment, a costly mistake.
Monthly Collaborative Peer Group
•Topics
CMMC Program
Deep Dive into 800-171 R2 controls
How MSP services are impacted by controls
Policy and procedure development
Preparing evidence
Building your enclave (firewalling your business)
Building a security focused culture