CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

By Kristen Morales • April 20, 2021

RESTON, Va. — April 20, 2021 — CyberSheath Services International today introduced the next evolution of its CMMC Managed Services, including its CMMCEnclave. Based on Microsoft Azure, CMMCEnclave is the first enclave with optional management of multiple levels of CMMC. Covering all three dimensions of compliance — IT, governance, and security — CyberSheath’s CMMCEnclave delivers high-value custodial security of CUI while minimizing business interruptions to processes, procedures, and people. The result is simple, future-proofed compliance for the Defense Industrial Base (DIB) at a lower cost.

All Prime and Subcontractors to the U.S. Department of Defense (DoD) must be certified compliant with CMMC to obtain future DoD Contracts. The level of the CMMC certificate depends on the type and nature of the information that flows down from the Prime contractor. Unfortunately, no small or mid-size business has the IT, cybersecurity, and governance expertise to meet these requirements without a Managed Service Provider.

“Our goal is to take the difficult business requirement of CMMC compliance and turn it into a simple solution offering so contractors can remain eligible for DoD contracts,” said Eric Noonan, CEO of CyberSheath. “CyberSheath’s CMMC Managed Services deliver a complete solution with the IT, cybersecurity, and governance capabilities needed to achieve and maintain compliance. With fixed-price services and no hidden fees, our managed CMMC compliance meets you where you are with better, faster, and less complex adherence to CMMC requirements.”

CyberSheath’s CMMCEnclave adheres to all 130 controls of CMMC ML3, while limiting organizational CUI sprawl and driving role-based access to CUI. It includes four different use-case commitment levels based on contractors’ functionality and business needs, including:

  • External CUI communication: A secure SharePoint enclave, this option can be hosted in GCC high or commercial cloud depending on whether data is subject to exit controls.
  • CyberCloud — Shared Service: Secured using Active Directory Partitions and Windows Virtual Desktop, this option shares desktops while data security is enforced to CMMC compliance standards. Designed for users who only access Office applications, SharePoint Online, and OneDrive.
  • CyberCloud — Hybrid Cloud: This option segregates customers on private network segments with network security boundaries on top of Active Directory partitioning. It keeps desktops private and only accessible by a single company, with options for private application servers on a customer network segment. Designed for users who need an affordable cloud platform and use custom applications or file servers.
  • CyberCloud — Private Cloud: Keep all components, including Active Directory, completely private, with all servers and desktops residing in the customer’s Microsoft Azure tenant. Customers can host any applications or files in their environment and can optionally connect the enclave to their corporate infrastructure.

In addition to the CMMCEnclave, CyberSheath’s CMMC Managed Services include a self-service compliance dashboard showing compliance status, an inventory of DFARS compliance artifacts and evidence, and documentation of the System Security Plan (SSP). The dashboard gives insight into the current security threat landscape and incident levels as well as a supply chain assessment and the current performance of the CMMCEnclave.


About CyberSheath Services International, LLC

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at



CyberSheath Services International, LLC

Kristen Morales at

Cybersheath Blog

How to Get More Value Out of CMMC Managed Services

There are many ways to achieve CMMC compliance, from fully insourced IT, cybersecurity and governance to fully outsourced managed services, each carrying various costs and risks. While the cost of compliance is a valid concern, there’s one constant across all your options: If you don’t meet CMMC standards, you won’t…

CMMCEnclave: Add Versatility with a More Flexible Approach

The enclave approach to CMMC compliance is one of the most cost effective and least disruptive ways to safeguard CUI. You can maintain high-value custodial security of CUI without upending your existing processes, procedures, and people. That way, you can maintain the proper level of CMMC compliance and remain eligible…

Executive Order Improving the Nation’s Cybersecurity has Teeth; Especially for Federal Contractors 

To understand just how consequential president Biden’s executive order on cybersecurity is for federal contractors, look no further than the Wall Street Journal article that bluntly explained how the new order will impact federal contractors: “Contractors that fail to comply with the baseline standards would essentially be prohibited from selling their…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft