CMMC Compliance Framework

Leverage FileCloud as part of your CMMC Compliance Framework

Secure Networking

FileCloud provides support for network integration with Active Directory, LDAP, and SSO. The platform also integrates network shares with NTFS permissions to provide better data access control. Users can view, upload, download, share, sync, and manage data while complying with CMMC 2.0 requirements.

Cloud Platform Services

Organizations can host and manage data on-premises or in a private cloud with FileCloud. Meet CMMC requirements for file sharing and data management while improving collaboration across remote teams within a hyper-secure cloud platform.

Account Management

FileCloud admin controls include tools such as audit logs, centralized device management, data governance controls, public and private file sharing, and much more. Role-based access controls (RBAC) can also be set up by the admin to enable authenticated and verified permissions for different roles.

Learn how FileCloud enables CMMC 2.0 file sharing and data management!

FileCloud has received the Gartner Peer Insights Customers’ Choice Distinction for the fifth consecutive time!

92% of our customers would recommend us to a friend.

Rating Stars Image

4.6

CMMC Compliance Framework

(Cybersecurity Maturity Model Certification)

The CMMC or Cybersecurity Maturity Model Certification program is a certification framework launched by the US Department of Defense that classifies cybersecurity maturity into different levels. Each level incorporates increasingly complex and secure functionalities or security objectives. These levels establish a framework for cybersecurity.

Once the program is officially rolled out, all DoD contracts will be labeled with a specific CMMC level. Any Defense Industrial Base (DIB) contractor or subcontractor wishing to bid on that contract must be certified in the requisite level (or higher). By enforcing this program, the DoD will be able to verify that contractors and subcontractors have the capability to protect FCI (Federal Contract Information) or CUI (Controlled Unclassified Information).

CMMC Levels

The DoD has released an updated CMMC compliance framework, referred to as CMMC 2.0. This framework establishes three levels of progressively increasing cybersecurity requirements. Each level is keyed to independent standards: Federal Acquisition Regulation (FAR) 52.204-21 and NIST 800-171 and 800-172 requirements.
CMMC 2.0 Levels

Level 1 – Foundational: involves FCI not for public release and aligns with 15 controls from FAR 52.204-21 “basic” controls; contractors must complete annual certifications and self-assessments.
Level 2 – Advanced: involves dealing with CUI and aligns with 110 NIST 800-171 controls; contractors must complete annual self-assessments and triennial reviews by a Certified Third-Party Assessor Organization (C3PAO).
Level 3 – Expert: involves dealing with CUI, and aligns with 110 NIST 800-171 controls, plus 24 NIST 800-172 controls; contractors must complete triennial, government-led assessments.

Creating a CMMC Compliance Framework

The DoD, which oversees the CMMC program, estimates that most DIB contractors will require Level 2 certification. However, many popular file sharing programs do not support CMMC Level 2 requirements for storing and sharing CUI.

FileCloud, on the other hand, is a powerful, hyper-secure solution that can be leveraged by DIB contractors to store, share, and govern public data, FCI, and CUI.

Leading Defense Contractors Choose FileCloud

Organizations processing critical data benefit by storing data in-house to minimize data security threats and meet compliance requirements. However, they often need to be able to collaborate on and share data with project stakeholders and subcontractors.

FileCloud is a robust file sharing solution that can easily integrate with existing IT systems to boost efficiency and security and help meet CMMC requirements. When deployed as an on-premises solution, organizations can use FileCloud Server as a primary file storage and access system or as an overlay for legacy storage and network shares. Within FileCloud, admins and users alike can take advantage of powerful tools and settings to protect data while collaborating remotely.

FileCloud Admin Dashboard

CMMC 2.0 & FileCloud - A Shared Responsibility Model

FileCloud provides a wide array of tools and settings within the platform to support CMMC 2.0 compliance. An organization can leverage these tools and adjust settings to suit their business needs while meeting compliance requirements.

In line with the shared responsibility model, admins and end-users of the organization are responsible for implementing suitable capabilities and managing and maintaining the environment where FileCloud is hosted to ensure that CMMC requirements are being met.

CMMC Awareness and Training

To complement your internal employee training, FileCloud provides extensive information on best security practices through our robust resource library. This library includes a comprehensive white paper on CMMC 2.0 and how FileCloud functionalities map to compliance requirements.

Read our CMMC 2.0 White Paper.

FileCloud also offers additional support resources through the following:

FileCloud University: admin and end-user training videos.
Support Plans: select between Base, Premium, or Extended.
Professional Services: Configuration and deployment assistance, plus live training support from FileCloud.

Frequently Asked Questions (FAQs)

What is CMMC compliance?

CMMC stands for Cybersecurity Maturity Model Certification. This is a program organized and enforced by the US Department of Defense (DoD) to ensure that any Defense Industrial Base (DIB) entity processing FCI or CUI has implemented a minimum standard of cybersecurity.

Why is CMMC required?

The DoD entrusts DIB contractors with critical data, which puts them at risk of being targeted by cybercriminals or nation states. To protect national security interests, the DoD created the CMMC program to standardize a minimum level of cybersecurity requirements that contractors must meet in order to bid on DoD contracts.

Who needs CMMC compliance?

Any DIB contractor or subcontractor wishing to bid on a DoD contract must have been assessed and awarded a specific level of certification to match the contract requirements.

What is CMMC 2.0?

CMMC 2.0 streamlines CMMC 1.0 requirements from five levels to three. These levels include progressively complex cybersecurity requirements, which are keyed to independent standards (FAR and NIST). CMMC 2.0 also removes additional requirements that were unique to CMMC 1.0.

Do cloud services need to be CMMC compliant?

Cloud service providers are not certified by the CMMC program. The program assesses and certifies DIB contractors, subcontractors, and entities based on their cybersecurity capabilities and processes compared to the requirements for a specific CMMC level. However, a DIB entity may include cloud services (such as FileCloud) as part of their CMMC compliance strategy to meet specific requirements.

Worldwide

FileCloud

CodeLathe Technologies Inc.
dba FileCloud
125 Park Avenue FL 25
New York, NY 10017-5550

Fax: +1 (866) 824-9584

Europe

FileCloud Technologies Limited

Ducart Suite,
Castletroy Park Commercial Centre, Castletroy,
Limerick, Ireland

Copyright © FileCloud. All Rights Reserved.

Please select your country

SUBMIT