The U.S. Department of Defense (DOD) spends more than $316 billion on contracts each year. Notwithstanding the multibillion-dollar contracts that go to the likes of Lockheed Martin, Boeing and Raytheon, many smaller organizations manufacture and offer products and services to the Defense Department as contractors. VersaTrust is the proud managed security services provider for one such company.
Navigating the Complexities of DOD Contracting
The rigors of applying for DOD contracts are infamous among businesses, small and large alike. Despite what would seem like an enormous disadvantage in size and resources, DOD contractors of all sizes must achieve and maintain IT compliance with the same regulations as the heavyweights. Because of the nature of the Department of Defense, security is always of paramount concern, and the regulations surrounding classified and unclassified requirements continue to evolve.
Many bids are rejected because of a lack of documented security policies, inadequate monitoring for adverse incidents or other shortcomings in their IT systems. This is the story of one of those smaller outfits, a manufacturer in the Fort Worth area, that relied on VersaTrust to overcome the uphill battle of rigorous DOD compliance requirements.
Shortly after meeting VersaTrust, our client recognized they need to work with an IT firm like ours that could offer a more sophisticated operations model and has the expertise to help them navigate the increasingly complex DOD contractor requirements. They turned to VersaTrust for a more mature IT model. Initially, because they were working with a limited budget, the client opted against our advice to deploy a data backup solution. Only a few short months later, one of their old servers crashed. Without a backup in place, their irreplaceable data was nearly lost. Fortunately, our techs were able to massage the data off the old disks, but the hours of breathless anxiety convinced them to install a proper backup solution.
Creating CUI-Compliant Solutions
Soon after we modernized their infrastructure and upgraded their systems, the DOD released the new NIST 800-171 CUI compliance requirements, governing the security of controlled unclassified information, which is highly sensitive in the wrong hands but not deemed classified.
Our client entrusted their systems, and in no small part their fate as a DOD-approved contractor, to VersaTrust’s certified information security professionals with extraordinary results.
We began by performing a detailed analysis of the requirements of the client’s processes, personnel and IT infrastructure. From there, we implemented the critical components to achieve and maintain CUI compliance, including:
- SIEM log monitoring
- Real-time traffic analysis
- Advanced end-point protection
- Near 100% uptime
- 24/7/365 prevention and response
Working with VersaTrust Pays in a Big Way
Forming a trusting partnership with VersaTrust has helped our client remain compliant with daunting regulations. Today, we’re working with them to help them navigate the new Cybersecurity Maturity Model Certification (CMMC) requirements that are replacing the NIST 800-171 requirements.
Thanks to our diligence and their well-documented compliance, the company is empowered in a highly competitive environment and able to bid against much larger companies for highly competitive lucrative DOD contracts. Today, they are poised in the final round of intense bidding for a significant DOD contract that would mean exponential immediate growth, more than doubling their employees in a single quarter, with a 166% increase in quarterly revenue.
The Value of VersaTrust
Large DOD contractors like Lockheed Martin might be able to go it alone when it comes to IT security and complying with NIST 800-171 CUI requirements or CMMC requirements. For smaller operations that want to competitively bid for DOD projects, it takes forming meaningful, trusting partnerships with a managed security services provider that understands the nuances and complexities of such rigorous requirements. These are rare attributes among IT services companies, but exactly where we shine at VersaTrust.
We keep our clients on track with IT compliance so they can grow their business. If your IT services aren’t doing that for you, give us a call (817) 595-0111 or contact us online.