In October of 2016, the Department of Defense published new rules regarding a contractor’s role in safeguarding Covered Defense Information, with contractors and subcontractors required to achieve compliance by December 31, 2017. But many are just now facing this challenge while bidding on new contracts. Where do you stand?

Changes Afoot

The final rule for the Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 required DoD contractors, sub-contractors, and small businesses to implement various safeguards concerning Covered Defense Information (CDI) no later than December 31, 2017. The biggest hurdle of this rule is compliance with the National Institute of Standards and Technology (NIST) Special Publication 800-171, Revision 1. Many bidders are just now addressing these new standards as they bid. Where does your organization stand on NIST SP 800-171 implementation?


How We Help

Digital Boardwalk has developed a comprehensive suite of solutions, proprietary technologies, and formal processes to guide you through the implementation of DFARS 252.204-7012 and NIST SP 800-171 controls. In addition, we provide ongoing services to maintain your compliance with DoD’s ever-changing cybersecurity requirements.


Register Today for a FREE Assessment!

Ready to have an award-winning managed IT and security services provider guide you to full compliance? Fill out the form below to get started.

  • This field is for validation purposes and should be left unchanged.

What Digital Boardwalk can do for you:

  • Digital-Boardwalk-Pitchpage-Icons_icon-Attestation


    We detail exactly how to satisfy each of the 100+ controls across 14 control families in one comprehensive document, holding ourselves to the same security standards and control objectives as you.

  • Digital-Boardwalk-Pitchpage-Icons_icon-Complete-Compliance

    Complete Compliance

    Our proprietary system automation, industry-leading remote management & monitoring, and cutting-edge cybersecurity bring your company into compliance without investing tens of thousands into infrastructure.

  • Digital-Boardwalk-Pitchpage-Icons_icon-Policy-Writing

    Policy Writing

    We provide you with 28 expertly written InfoSec policies covering all NIST SP 800-171 Rev.1 control objectives, including Clean Desk policy, Acceptable Use policy, Data Breach Response policy, and more.

  • Digital-Boardwalk-Pitchpage-Icons_icon-The-Digital-Boardwalk-Advantage

    The Digital Boardwalk Advantage

    We cover more than most, including: InfoSec policy enforcement; continuous logging, monitoring, & auditing; multi-vector endpoint security, DNS protection, intrusion detection & prevention systems; cybersecurity awareness training; and more.

Frequently asked questions

All contractors, subcontractors, small businesses, or non-federal agencies that access Controlled Unclassified Information (CUI) or DoD Covered Defense Information (CDI) must implement and maintain the NIST SP 800-171 controls.

In short, 800-53 is intended for internal use by the Federal Government, whereas 800-171 is intended for non-federal entities who work with the Federal Government or have access to CUI. 800-171 is based on 800-53 but eliminates FIPS 200 and 800-53 requirements that do not apply to contractors, subcontractors, small businesses, and any other entity that handles CUI.

No. The DFARS rule does not require “certification” of any kind. By signing the contract, you agree to comply with the terms of the contract, including compliance with NIST SP 800-171.

Yes. Any portion of the information technology requirements may be outsourced, but you are responsible for ensuring the provider meets the cybersecurity standards.

Our strong partnerships with industry-leading technology providers
allow us to deliver award-winning solutions

Ready to Begin?

Send us an message to get free assessment now.

Register Now

Discover what you can do to strengthen your cloud data’s protection from loss and cyberthreats. Download our free eBook today to learn how!DOWNLOAD HERE