Attestation
We detail exactly how to satisfy each of the 100+ controls across 14 control families in one comprehensive document, holding ourselves to the same security standards and control objectives as you.
Warning:
In October of 2016, the Department of Defense published new rules regarding a contractor’s role in safeguarding Covered Defense Information, with contractors and subcontractors required to achieve compliance by December 31, 2017. But many are just now facing this challenge while bidding on new contracts. Where do you stand?
Changes Afoot
The final rule for the Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 required DoD contractors, sub-contractors, and small businesses to implement various safeguards concerning Covered Defense Information (CDI) no later than December 31, 2017. The biggest hurdle of this rule is compliance with the National Institute of Standards and Technology (NIST) Special Publication 800-171, Revision 1. Many bidders are just now addressing these new standards as they bid. Where does your organization stand on NIST SP 800-171 implementation?
How We Help
Digital Boardwalk has developed a comprehensive suite of solutions, proprietary technologies, and formal processes to guide you through the implementation of DFARS 252.204-7012 and NIST SP 800-171 controls. In addition, we provide ongoing services to maintain your compliance with DoD’s ever-changing cybersecurity requirements.
Register Today for a FREE Assessment!
Ready to have an award-winning managed IT and security services provider guide you to full compliance? Fill out the form below to get started.
What Digital Boardwalk can do for you:
-
-
Complete Compliance
Our proprietary system automation, industry-leading remote management & monitoring, and cutting-edge cybersecurity bring your company into compliance without investing tens of thousands into infrastructure.
-
Policy Writing
We provide you with 28 expertly written InfoSec policies covering all NIST SP 800-171 Rev.1 control objectives, including Clean Desk policy, Acceptable Use policy, Data Breach Response policy, and more.
-
The Digital Boardwalk Advantage
We cover more than most, including: InfoSec policy enforcement; continuous logging, monitoring, & auditing; multi-vector endpoint security, DNS protection, intrusion detection & prevention systems; cybersecurity awareness training; and more.
Frequently asked questions
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry’s standard dummy text ever since the 1500s
All contractors, subcontractors, small businesses, or non-federal agencies that access Controlled Unclassified Information (CUI) or DoD Covered Defense Information (CDI) must implement and maintain the NIST SP 800-171 controls.
In short, 800-53 is intended for internal use by the Federal Government, whereas 800-171 is intended for non-federal entities who work with the Federal Government or have access to CUI. 800-171 is based on 800-53 but eliminates FIPS 200 and 800-53 requirements that do not apply to contractors, subcontractors, small businesses, and any other entity that handles CUI.
No. The DFARS rule does not require “certification” of any kind. By signing the contract, you agree to comply with the terms of the contract, including compliance with NIST SP 800-171.
Yes. Any portion of the information technology requirements may be outsourced, but you are responsible for ensuring the provider meets the cybersecurity standards.
