DFARS Services Explained

The countdown to DFARS compliance is just around the corner…ARE YOU READY?

The Department of Defense (DoD) issued a final rule to clarify the Defense Federal Acquisition Regulation Supplement (DFARS) that requires contractors to implement information security strategies.

What you do…or better yet, DON’T do…will impact your ability to secure and perform DoD contracts.

We offer expert advice from Certified Information Systems Security Professionals (CISSPs), with in-depth experience in managing compliance programs for Federal standards such as DFARS, industry standards such as PCI DSS, and regulatory standards such as FFIEC and SEC. Succurri can fill in the gaps to help you meet the standards required by the Office of Small Business Programs of the DoD.

 

What Does This Mean?

Businesses contracting with the Department of Defense (DoD) and federal civilian executive branch agencies must implement the National Institute of Science and Technology (NIST) SP 800-171 security requirements. This includes any of the following:

  • Service providers that process, store, and transmit federal data on their systems, such as cloud service providers (CSPs)
  • Credit card & other financial services providers; web and email service providers
  • Background check companies for security clearances
  • Cloud and data hosting providers
  • Contractors that develop communications, satellite, and weapons systems

 

Does your enterprise have documented controls and management oversight for all of the following processes? This is only a sample of the DFARS/NIST SP 800-171 requirements. Any missing policies/procedures/controls could result in negative reports from third-party assessors. Succurri can help fill those gaps. For example:

Security Program Organization

Security policy development; security awareness training; information classification and need-to-know; personnel screening and authorization to access sensitive data.

Software and Hardware

Documented configuration baselines and version management; vulnerability scanning and remediation; and patch management.

Application/Service Architecture

Architecture standards, including user and service authentication, data exchanges, and network segmentation.

Intrusion Defense

Anti-virus and anti-malware, intrusion detection and prevention, incident response.

We are cyber security experts specializing in small businesses. We chose this niche because it is important and under-served. Succurri is also a small business staffed by dedicated, talented, and expert personnel who are motivated by a desire to help our customers. Call us today at (206) 785-7828 to get your security assessment started, and ensure a successful road ahead!

New call-to-action

 

Want to learn more about what a Managed Security Services Provider is? Listen to Succurri partner, Grant Eckstrom, and Fractional CMO, Tony Lael, discuss the topic in more depth in this video.

cover

Learn how to do some amazing things with computers

A little introduction to doing stuff with computers that you wouldn’t know without reading this book.
Subscribe
Schedule a Call with Us

You’ll be able to select a time to discuss any IT support needs with us.

Sarah W
Sarah W.

Phoenix Consultant

More Articles

Business Process Automation (BPA) implementation has become imperative for companies seeking to optimize operations, enhance

The market offers a variety of cloud phone system options for businesses. But how can

Business Process Automation (BPA) implementation has become imperative for companies seeking to optimize operations, enhance

Submit a new Support Ticket