Drive IT best practices and meet compliance initiatives
NIST Assessments & CMMC
Corserva offers NIST assessments for US defense suppliers and subcontractors who need to comply with the NIST 800-171 mandate. To be eligible to participate in DoD contracts, suppliers provide evidence of compliance with NIST 800-171 to the subcontractor or prime contractor with whom they are working. This evidence can include formal documents such as System Security Plans (SSP) and Plans of Action and Milestones (POA&M).
In addition to performing NIST assessments, Corserva can create the required documents for the supplier and perform any required remediation identified during an assessment.
The Cybersecurity Maturity Model Certification (CMMC) was also created to enhance the cybersecurity posture of companies participating in government supply chains. Requirements for CMMC are expected to be included in some contracts starting in 2020, and CMMC is expected to replace NIST 800-171 by 2026. Corserva can help prepare companies for CMMC.
For the latest information about NIST 800-171 and CMMC, read “The Definitive Guide to Compliance with the NIST 800-171 Mandate and the Cybersecurity Maturity Model Certification (CMMC).”
- A complete mapping of physical and logical topologies
- Profiles of every device on the network
- IP addresses currently in use and which devices are using them
- Information on every connection in the network
- Enterprise-Grade WiFi – Let your best-in-class WiFi accurately reflect the reputation of your corporate identity.
- Built-in Redundancy – Multiple network controllers operate together so that users are not impacted if an equipment failure occurs.
- Strong Signal Strength – Mobile devices that connect to your WiFi always get the strongest connection possible.
- Seamless Upgrades – Because reboots are not required during software upgrades, users are not impacted.
- Incorrectly configured hosts
- Out-of-date firmware
- Configurations that are not in line with industry best practices
Data Protection Assessments
Companies continue to store and manage increasing amounts of data about customers, vendors, and employees, along with other proprietary information. This data must be kept confidential, and companies must adhere to multiple data privacy regulations, including GDPR, HIPAA, PCI DSS, CCPA, NYCRR, and CMR.
Corserva’s data protection assessments identify potential risks to personal information and business operations associated with a company’s policies and procedures. The methods of data storage (onsite, cloud, remote) are analyzed for security, data archiving, and accessibility.
After the assessment, you will have an understanding of what process changes and technology changes should be made to protect data.
Microsoft 365 & Office 365 Assessments
- Data protection baseline – Implement baseline technical, procedural, and people controls to protect your data
- IT risk management – Assess and monitor risks in Microsoft 365 and Intune
- Regulatory compliance – Assess and maintain controls for data protection regulations (NIST, ISO, HIPAA, GDPR, CCPA, etc.)