Worldwide
FileCloud
13785 Research Blvd, Suite 125Austin TX 78750, USA
Phone: +1 (888) 571-6480
Fax: +1 (866) 824-9584
Europe
FileCloud Technologies Limited
Hamilton House 2,Limerick, Ireland
Regulate who is granted access to which information with a variety of FileCloud tools: user policies, data leak prevention (DLP), sharing permissions, role-based access controls (RBAC), and more.
FileCloud integrates with LDAP, Active Directory, SSO, Duo Security, SIEM, 2FA, and NTFS permissions. These enable robust user authentication and access verification.
Streamline your audit process with FileCloud’s reports, notifications, and comprehensive audit logs. Identify who (user) accessed what (files/folders), when (timestamp), how (means of access), and where (IP address).
FileCloud has received the Gartner Peer Insights Customers’ Choice Distinction for the fifth consecutive time!
92% of our customers would recommend us to a friend.
FileCloud is a hyper-secure file sharing, remote access, and data governance solution that supports CMMC 2.0 compliance. The single-pane-of-glass experience provides a better path forward for Defense Industrial Base (DIB) entities to implement and maintain cybersecurity controls for files and data stored in a private cloud or on-premises environment.
The CMMC program was initiated on January 31, 2020, by the United States Department of Defense (DoD) to ensure that government contractors were protecting sensitive and confidential information by implementing necessary cybersecurity modules, tools, and best practices.
This framework was designed to ensure a consistent level of security for any systems processing either Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). Though CMMC has not yet been implemented officially, it is based on pre-existing cybersecurity controls:
These controls make it possible for DIB contractors to prepare for certification before the program is made official. Current contracts are not associated with a specific CMMC level; however, the DoD expects all new proposals to be CMMC compliant once the program is rolled out in 2026.
This certification is valid for all direct or ‘prime’ contractors and any organization (sub-contractor) that contracts with the former, working for the DoD. This means that the entity(ies) must be certified with a CMMC level equal to or greater than the level associated with the contract. CMMC accreditation is awarded by the CMMC Accreditation Body (CMMC-AB)
CMMC 2.0 governs 14 domains, derived from the Federal Information Processing Standards (FIPS) Publication 200 AND NIST 800-171.
Read our white paper to learn how FileCloud maps to CMMC 2.0 domains and requirements to support hyper-secure file sharing and data governance!
FileCloud provides access control features including admin-controlled user profiles and groups; granular file/folder permissions; integrations for Active Directories (AD), LDAP, SSO, Network Shares, and NTFS permissions; Data Leak Prevention (DLP); Role Based Access Controls (RBAC); and policies for connected remote devices.
FileCloud’s resource library contains white papers and guides on best security practices (including the CMMC 2.0 white paper). FileCloud University is a repository for user and admin training videos. Clients can also include Professional Services as part of their license package.
Activity logs provide oversight and documentation for audits. These audit logs are unchangeable and can be exported for ease of review. FileCloud also supports SIEM integration, hierarchical retention policies, and access/modification restrictions on specified records.
Admins can customize the FileCloud environment to manage sharing permissions, password enforcement, personnel security, data governance, device configuration, and other granular permissions. Other data governance tools include metadata management, DLP, and automated content classification.
Secure user and admin access is a major component in FileCloud. Proprietary user authentication, AD/LDAP integration, Network shares integration, Single Sign-on (SSO), and two-factor authentication (2FA) help support this requirement.
In-depth data governance tools in FileCloud include global policies, DLP rules, automated content classification, custom notifications and reporting, and SIEM integration. User, device, and data activity are displayed on a centralized dashboard for ease of oversight. Admins can also set up automated workflows to support environment management.
FileCloud supports admin automation of repetitive tasks. Admins can perform tasks like disabling specific users, deleting files if not accessed for some particular period, activity log access and transfer to another location, etc. FileCloud admins can also set up automatic backups to ensure files are maintained, even if the database or power system is interrupted.
Built-in antivirus capabilities in FileCloud ensure the safe upload of files; data is encrypted using HTTPS during transmission via SSL/TLS protocols. Once uploaded, DLP rules protect sensitive or confidential data from being shared based on metadata tags. DRM (Digital Rights Management) extends this control even further, with the ability to rescind or restrict data after sharing.
A maturity model is defined as a set of best practices that an organization will follow to ensure a certain level of security. This model system has been introduced as a solution to limit the damage related to cybercrimes, which are increasing exponentially around the world and becoming ever more sophisticated.
The DoD entrusts contractors and sub-contractors with sensitive information and needs to ensure appropriate security measures are in place. To bid on federal contracts, organizations must be prepared to meet these cybersecurity measures.
Though CMMC certification may be difficult for small contractors or companies to achieve, it serves important national interests and represents an investment in security hardening throughout the DoD supply chain.
The DoD will label contracts with the required level of CMMC certification. No CMMC certification is required if your firm deals only with public information. There are 3 levels:
If contractors are not certified with the appropriate CMMC level, they will not be able to bid on DoD projects. The main question becomes, which level of certification is needed? It largely depends on the information the organization will handle – public, FCI, or CUI.
The DoD is conducting a slow rollout for CMMC. New contracts will be issued with CMMC requirements. The DoD expects all contractors and sub-contractors to be at least Level 1 compliant by January 2026.
There are over 350,000 Defense Industrial Base firms that will be subject to CMMC certification at some level. The DoD estimates that most contractors will need Level 2 CMMC certification, with a minority needing Level 3 (which must be certified directly by government assessors).
There is a 7-step process commonly used to achieve Level 2 CMMC certification:
A cybersecurity maturity model is a framework of best practices and guidelines that an organization commits to implementing and maintaining. The framework serves as a roadmap for organizations and enterprises to enact cybersecurity programs. The CMMC program is one example of a maturity model framework, with three levels of maturity to protect specific types of information.
CMMC is the acronym for "Cybersecurity Maturity Model Certification," a program launched by the US DoD. Certification will be required for all contractors and subcontractors who intend to bid on DoD contracts beginning in 2026. This program will ensure any contractors processing sensitive information (FCI and CUI) will have met minimum cybersecurity requirements.
All contractors and sub-contractors of the DoD are expected to be at least Level-1 compliant by January 2026. Otherwise they cannot bid on any DoD projects. This model aims to reduce the threat of cybercrime, which poses significant risk of information leaks that could compromise national security and absorb public resources.
Contractors and subcontractors need to demonstrate adherence to CMMC domains by virtue of cybersecurity processes, capabilities, and practices. Demonstrating adherence to specific requirements across CMMC levels and domains is only one part of the process. Contractors must also complete assessment according to the level of certification sought: self-assessment (level 1), assessment by a CMMC Third Party Assessment Organizations (C3PAOs) (level 2), or assessment by a qualified government official (level 3).