Enables small and medium defense contractors to simplify and lower cost of CMMC and DFARS compliance with end-to end encrypted cloud services.
BOSTON, March 11, 2024 /PRNewswire-PRWeb/ -- the leading solution for CMMC, NIST 800-171 & ITAR compliance, today announced that it has become the first Cloud Service Provider (CSP) to meet the Department of Defense’s (DoD) updated, stringent FedRAMP Moderate Equivalency requirements. FedRAMP equivalency for CSPs is stipulated in the Defense Federal Acquisition Regulations Supplement (DFARS) clause 252.204-7012. While the Federal Risk and Management Program (FedRAMP) is the government’s program to enforce cybersecurity standards for governmental organizations utilizing commercial cloud services, the DoD is imposing these same standards on its own Defense Industrial Base (DIB) by requiring organizations seeking CMMC and DFARS 7012 compliance to only use CSPs that are either FedRAMP Moderate Authorized or have been independently assessed to be 100% compliant with the FedRAMP Moderate Control Baseline. PreVeil is in fact the first CSP to meet the DoD’s updated criteria for equivalency.
This significant accomplishment further reinforces PreVeil's position as the leading solution for CMMC, ITAR and DFARS compliance, especially for the nation's small and medium sized defense contractors.
"The DoD validation gives our nation's small and medium size defense contractors more choices to meet CMMC and DFARS with next generation, encrypted cloud services that can save them tens of thousands of dollars per year," said Randy Battat, CEO of PreVeil.
In a December 2023 Memorandum the DoD codified their criteria for meeting to include requiring CSPs to have zero outstanding Plans of Actions and Milestones (POA&Ms) and having their Cloud Service Offering assessed by a FedRAMP recognized 3rd Party Assessment Organization (3PAO). PreVeil engaged SecureIT, a leading, accredited 3PAO to conduct a complete and thorough independent assessment of PreVeil's Cloud Service Offering to confirm that it meets these requirements.
"PreVeil engaged SecureIT early in their pursuit of FedRAMP Moderate Equivalency. As a trusted and experienced 3PAO that understands the FedRAMP baseline requirements, we were able to provide detailed explanations of noted issues which removed ambiguities and allowed PreVeil to better understand what was specifically needed to more quickly achieve a successful outcome." said David Trout, CEO of SecureIT.
Once the 3PAO Assessment was complete, PreVeil submitted its Body of Evidence (BOE) to the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC), the DoD's highest assessment organization, who then conducted a multi week review. Upon the successful completion of that review, DIBCAC and the DoD CIO, CMMC Program Management Office notified PreVeil that it meets the requirements for FedRAMP equivalency.
About PreVeil
PreVeil is the leading, proven solution for CMMC and DFARS compliance. PreVeil's end to end encrypted email and file sharing platform, CMMC documentation, and partner network is trusted by over 1,000 defense contractors. Multiple customers have already achieved perfect 110/110 Scores in NIST 800-171 and CMMC Joint Surveillance Assessments. These successful assessments validate PreVeil's benefits of compliance assurance, best in class security and low cost for defense contractors. To learn more about PreVeil's FedRAMP story, check out our
*CMMC is the Department of Defense's Cybersecurity Maturity Metric Certification program, whereby all defense contractors and their supply chains will be required to be audited to strict cybersecurity requirements in order to win DoD contracts.
Media Contact
Orlee Berlove, PreVeil, 1 6176332931, [email protected],
Seth Steinman, PreVeil, 1 (401) 258-0045, [email protected],
SOURCE PreVeil
Share this article