CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

RESTON, Va. — April 20, 2021 — CyberSheath Services International today introduced the next evolution of its CMMC Managed Services, including its CMMCEnclave. Based on Microsoft Azure, CMMCEnclave is the first enclave with optional management of multiple levels of CMMC. Covering all three dimensions of compliance — IT, governance, and security — CyberSheath’s CMMCEnclave delivers high-value custodial security of CUI while minimizing business interruptions to processes, procedures, and people. The result is simple, future-proofed compliance for the Defense Industrial Base (DIB) at a lower cost.

All Prime and Subcontractors to the U.S. Department of Defense (DOD) must be certified compliant with CMMC to obtain future DOD Contracts. The level of the CMMC certificate depends on the type and nature of the information that flows down from the Prime contractor. Unfortunately, no small or mid-size business has the IT, cybersecurity, and governance expertise to meet these requirements without a Managed Service Provider.

“Our goal is to take the difficult business requirement of CMMC compliance and turn it into a simple solution offering so contractors can remain eligible for DOD contracts,” said Eric Noonan, CEO of CyberSheath. “CyberSheath’s CMMC Managed Services deliver a complete solution with the IT, cybersecurity, and governance capabilities needed to achieve and maintain compliance. With fixed-price services and no hidden fees, our managed CMMC compliance meets you where you are with better, faster, and less complex adherence to CMMC requirements.”

CyberSheath’s CMMCEnclave adheres to all 130 controls of CMMC ML3, while limiting organizational CUI sprawl and driving role-based access to CUI. It includes four different use-case commitment levels based on contractors’ functionality and business needs, including:

  • External CUI communication: A secure SharePoint enclave, this option can be hosted in GCC high or commercial cloud depending on whether data is subject to exit controls.
  • CyberCloud — Shared Service: Secured using Active Directory Partitions and Windows Virtual Desktop, this option shares desktops while data security is enforced to CMMC compliance standards. Designed for users who only access Office applications, SharePoint Online, and OneDrive.
  • CyberCloud — Hybrid Cloud: This option segregates customers on private network segments with network security boundaries on top of Active Directory partitioning. It keeps desktops private and only accessible by a single company, with options for private application servers on a customer network segment. Designed for users who need an affordable cloud platform and use custom applications or file servers.
  • CyberCloud — Private Cloud: Keep all components, including Active Directory, completely private, with all servers and desktops residing in the customer’s Microsoft Azure tenant. Customers can host any applications or files in their environment and can optionally connect the enclave to their corporate infrastructure.

In addition to the CMMCEnclave, CyberSheath’s CMMC Managed Services include a self-service compliance dashboard showing compliance status, an inventory of DFARS compliance artifacts and evidence, and documentation of the System Security Plan (SSP). The dashboard gives insight into the current security threat landscape and incident levels as well as a supply chain assessment and the current performance of the CMMCEnclave.


About CyberSheath Services International, LLC

Established in 2012, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at



CyberSheath Services International, LLC

Kristen Morales at

Join us for CMMC CON 2024 on Sept. 25, 2024, at 9am EST for a free, virtual, one-day conference focused on safeguarding against cyber threats.
This is default text for notification bar