Worldwide
FileCloud
13785 Research Blvd, Suite 125Austin TX 78750, USA
Phone: +1 (888) 571-6480
Fax: +1 (866) 824-9584
Europe
FileCloud Technologies Limited
Hamilton House 2,Limerick, Ireland
In FileCloud, admins can enable a setting to automatically backup media files from any device to FileCloud. Users can rest assured knowing their data will stored without any action on their part. Additionally, FileCloud’s unlimited file versioning
stores versions as they change, and it’s easy to review and restore previous versions.
As part of FileCloud’s focus on hyper-security, clients can deploy their instance with different levels of encryption to suit their use case. For those looking for CMMC compliant endpoint backup, FileCloud can be deployed in FIPS mode, which enforces a NIST-certified FIPS 140-2 cryptographic module in the operating system.
FileCloud tracks all activity within the environment, creating a comprehensive audit trail. Additionally, FileCloud supports integration with Security Information and Event Management (SIEM) tools. Administrators can automate notifications and investigate suspicious activity with speed and ease.
FileCloud has received the Gartner Peer Insights Customers’ Choice Distinction for the fifth consecutive time!
92% of our customers would recommend us to a friend.
FileCloud is a hyper-secure, enterprise-grade file sharing and data governance solution that is constantly innovating and improving based on three central concepts: security, ease-of-use, and collaboration.
The comprehensive feature stack incorporates compliance support solutions across a variety of regulations and standards, not just CMMC. With tools like data leak protection, data retention policies, role-based access controls, and digital rights management, admins and users are both empowered to contribute to data security without sacrificing efficiency or stifling productivity.
Within CMMC 2.0, backup requirements are explicitly addressed in the domain, Media Protection (MP).
Backup security is also implicitly addressed in another CMMC domain, as interpreted by FileCloud. The Maintenance (MA) domain is generally defined within CMMC 2.0 as “manage maintenance.”
The explicit requirements for CMMC Level 2 are focused on:
However, the sole Level 1 requirement (MP.L1-3.8.3) is to “Perform Maintenance,” further described as “Perform maintenance on organizational systems.”
Many CMMC requirements are left in these broad terms, because the manner in which the requirement is met can differ across different types of organizations and businesses. A contractor with 10 employees is going to have an entirely different system from an enterprise provider with 10,000. With this in mind, FileCloud can be used to meet an element of this maintenance requirement, in the form of automated endpoint backups within a hyper-secure, encrypted FileCloud instance.
(Want a deeper look at CMMC 2.0 requirements and how FileCloud functions can be mapped to them?
Check out our CMMC 2.0 white paper!)
FileCloud supports compliance with CMMC 2.0 requirements through a shared responsibility model. What this means is that FileCloud can be leveraged by a client (for example, a Department of Defense subcontractor) to meet many of the cybersecurity requirements for file sharing and data management.
When CMMC is officially rolled out, contractors and subcontractors will be responsible for demonstrating compliance and achieving certification within the CMMC program at a specific level. Once the client has been assessed and certified, they can bid on DoD contracts that match their certification.
CMMC 2.0 addresses both hardware and software cybersecurity best practices. When deployed as a cloud service, FileCloud can support clients in meeting some of these requirements. When deployed as an on-premises product, FileCloud can be explicitly configured by the client to meet their exact requirements.
In both cases, whether FileCloud is operated as a service or product by the client, it is up to the client to leverage FileCloud in such a way that meets their use case, including CMMC requirements. This is often done in tandem with other tools and technologies, as part of a holistic CMMC compliance solution.
These are only a few of the security tools and settings in FileCloud that can be leveraged to support CMMC compliance. Dive into FileCloud’s robust security offerings through our dedicated page or by checking out our on-demand demo.
FileCloud’s heuristic content scanning engine checks files upon upload for ransomware or viruses to help protect the environment from infection. FileCloud can also integrate with third-party antivirus software for even more coverage.
FileCloud comes with a variety of settings to enforce access checks, including 2FA, SSO, AD integration, and password strength requirements. These tools ensure that only authorized users can access the instance.
Admins can protect the FileCloud system from spambots by enabling RECAPTCHA in the admin portal settings.
In FileCloud, admins can set policies for users or user groups that enforce consistent, automated access and sharing permissions.
FileCloud automatically deploys with 128-bit AES encryption for data at rest. However, this can be upgraded to 256-bit AES, and those running FileCloud in FIPS mode will have 256-bit AES encryption by default.
Not only does FileCloud support encryption for stored data, it can also be configured to encrypt data in transit by updating the system with an SSL or TLS certificate.
Admins and users can set granular file and folder permissions to secure data access. Admins can create policies, and users can set specific permissions when sharing. Permissions include read (view), write (edit), delete, share, and manage.
Comprehensive audit logs track who (user) did what (file activity), where (file location), how (method of access), and when (timestamp, IP address). User, file, and device activity can also be viewed in real time through the admin dashboard.
What is CMMC compliance?
CMMC compliance is the process or solutions used by Defense Industrial Base entities to securely store and process Controlled Unclassified Information (CUI) and thereby achieve cybersecurity certification. Once certified, these contractors can bid on US Department of Defense (DoD) contracts.
What is CMMC 2.0?
CMMC 2.0 or the Cybersecurity Maturity Model Certification program, is a US federal government cybersecurity standard based on FAR 52.204–21, NIST 800-171, and NIST 800-172. CMMC 2.0 streamlines the five levels defined in CMMC 1.0 down to three levels of progressively increasing cybersecurity requirements.
Who needs CMMC compliance?
Any Defense Industrial Base (DIB) contractor, subcontractor, or entity wishing to bid on or participate in a DoD contract must demonstrate CMMC compliance. Depending on the level sought, DIB entities can self-assess, participate in a triennial third-party assessment (with annual affirmation), or participate in a triennial government-led assessment (with annual affirmation).
Why is CMMC required?
DoD entrusts contractors with CUI; as a result, these entities may be targeted by cyber criminals or nation-state attacks. Many contractors are small businesses with limited resources providing specialized expertise or materials. To ensure a standardized level of cybersecurity for systems that process CUI, the DoD created the CMMC program.