NIST SP 800-171 defines the requirements to protect sensitive DOD information. DFARS 252.204-7012 was the first framework, allowing contractors to self-assess and declare compliance. CMMC 2.0 sets multiple compliance levels, requiring third-party certification.

We’re here to guide you through it all.

With CMMC 2.0,
self-certification ends

It stands for Cybersecurity Maturity Model Certification, it’s coming soon, and it will be mandatory. CMMC 2.0 is the current set of cybersecurity standards and best practices that will be a go/no-go requirement for competing for and winning DOD contracts, from primes all the way to the smallest subcontractor.

DFARS came first. CMMC 2.0 will eventually replace it. Both are based on NIST requirements. But unlike DFARS, which allows self-certification, CMMC must be certified by a third-party auditor to one or more of three “maturity levels” — Level 1 (Foundational), Level 2 (Advanced) and Level 3 (Expert), based on the sensitivity of project-related information.


A simple process to address
a complex need.

Icon for Assessment


We bring deep, specialized knowledge of DFARS/NIST/CMMC requirements to assess existing infrastructure and provide a detailed report of what is needed.

Icon for Implementation


We implement all elements — write all policies, plans and timeframes and install all technical controls — required for compliance, on schedule and within budget.

Icon for Managed Services


We provide cost-effective managed services tailored to your required CMMC level in a cloud, on-premise or hybrid solution, anchored in proven Microsoft technology.


Want to learn more? Dive deeper.

A woman showing a man something on a tablet


A brief overview of the CMMC 2.0 tiered framework

A tablet with work progress data on the screen


Details on assessing NIST 800-171 compliance

A man wearing glasses and working on a laptop


A brief summary of the implementation process

A group of people working together on a desktop computer

Managed Services

Ensuring ongoing compliance and data protection

Every solution begins with a conversation.

Contact us today for a no-obligation discussion of CMMC 2.0 compliance, what's required, what you may need and what we can do to provide it. We've helped hundreds of DOD contractors. We can help you.