CMMC
COMPLIANCE
SERVICES

DoD Level 2 and 3 CMMC
Compliance Solution
Schedule A Demo

LEARN MORE
Services Overview

Watch this short video to learn more about OSIbeyond’s Managed Security Services.

CMMC Registered Provider Organization

OSIbeyond specializes in CMMC compliance and is a Registered Provider Organization (RPO) authorized by the CMMC Accreditation Body (CMMC-AB) to provide consulting services to DoD contractors seeking CMMC certification. In addition, with multiple Registered Practitioners (RP) available on staff, we have the credentials and expertise to guide your organization in becoming CMMC audit ready and maintaining compliance post certification.

Get Started Today

CMMC
OVERVIEW

The Cybersecurity Maturity Model Certificating (CMMC) encompasses maturity levels that range from “Basic Cybersecurity Hygiene” to “Advanced or Progressive”. The DoD will use the new CMMC framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place.

 

 

 

TECHNICAL
APPROACH

CMMC Levels 1-3 encompass 110 security requirements specified in NIST SP 800-171 rev1. OSIbeyond’s Managed Security & CMMC Compliance Services consists of best of breed cybersecurity solutions designed to meet DoD Level 2 and Level 3 CMMC requirements.

Security
Solutions

OSIbeyond Managed Security Services are offered in two packages. The CMMC-L2 package and the CMMC-L3 package, designed to meet level 2 and 3 requirements respectively. All aspects of implementation and deployment are managed by OSIbeyond at no up-front cost to your organization.

CMMC-L2 Package includes:

  • 24×7 SOC Coverage
  • SIEM Solution
  • Office 365 Monitoring
  • Multi-Factor Authentication
  • Security Awareness Training
  • Advanced Endpoint Protection
  • Endpoint Encryption
  • Vulnerability Assessments

CMMC-L3 Package also includes:

  • Advanced Email Filtering
  • Mobile Device Management (MDM)
  • DNS Filtering

Benefits

Developing a cybersecurity program requires extensive resource, expertise, costs, and time. OSIbeyond’s Managed Security Services are an out of the box, plug, and play solution designed to provide your organization with a sophisticated cybersecurity program. Managed Security Services from OSIbeyond provide the following benefits.

  • Meet CMMC Level 2 or Level 3 technical requirements
  • Ensure ongoing CMMC compliance
  • Expedite deployment timeframe
  • Protect trade secrets/sensitive data
  • Protect brand reputation
  • Meet cybersecurity insurance requirements
  • In partnership with in-house IT or existing IT provider

 

 

24x7 SOC Monitoring

  • Monitoring of data from multiple systems
  • Human analysis of alerts to determine validity (identifying false positives)
  • Notification of verified threats for example:
    • Indications of active ransomware
    • Suspicious remote-control session
    • Malicious file being downloaded
    • Indication of email account compromises (forwarding rules etc.)
  • Guidance on remediation of detected threats
  • Leveraging intelligence from other organizations
  • Expert Cybersecurity professionals
  • Second set of eyes on your systems/network
  • Benefits of using a 24×7 SOC

SIEM Solution

  • Web-based monitoring application
  • Works with sensors placed inside your technology ecosystem (monitoring all traffic)
  • Real time reporting of any signs of threat activity found in the monitored network
  • Provides enhanced threat analysis
  • Detecting and investigating threats within log metadata
  • Store logs for compliance (30 days)
  • Seamless deployment for workstations (no software/agents etc.)
  • Lightweight agent on servers (DCs only)
  • Analysis of combined data from multiple sources
  • Comprehensive visual on security posture

Office 365 Monitoring

  • Analysis of Office 365 logs and ingestion into the SIEM platform
  • Defend against business email compromise (BEC), account takeovers, and have visibility beyond network traffic.
  • Analyzing data from 365 in conjunction with other network assets

Multi-Factor Authentication

  • Provides second layer of security
  • Prevents account compromise even if user password is stolen
  • Deployed on all compatible applications, for example:
    • VPN
    • Email
    • Cloud based services (Dropbox, OneDrive etc.)
  • Mobile app or token devices

Security Awareness Training

  • Randomized simulated phishing tests
  • Intended to catch users off guard
  • Conducted continuously
  • Includes training content such as for new hire orientation, annual refresher training etc.
  • Designed to decrease social engineering fraud

Advanced Endpoint Protection

  • Next-Generation Antivirus Solution
  • Uses AI algorithm to detect and prevent threats
  • Able to isolate infection systems immediately
  • In the event of infection, provides rollback capability, for example:
    • Restoring infect system back to previously good state

Endpoint Encryption

  • Centrally managed encryption of storage on workstations (PC & Mac)
  • Protects data in the event of stolen or lost device
  • Common Cyber Security configuration requirement (audits/insurance etc.)

Vulnerability Assessments

  • Conducted biannually
  • Agentless scanning of network subnets
  • Identifying the most relevant threats to your environment
  • Remediation tracking and guidance for your IT staff
  • Fulfillment of audit/insurance requirements (historical record)
  • Scanning based on compliance requirements
  • Scanning of 3rd party hosted applications

Advanced Email Filtering

  • Sophisticated algorithm detects and prevents phishing/spam threats
  • Focuses on CEO Impersonation/ Fraud attacks
  • Monitors outbound email to build profile of trusted contacts within the organization

Mobile Device Management (MDM)

  • Provides inventory and reporting for mobile devices used to connect to corporate systems
  • Permits devices to be rapidly de-provisioned during employee off boarding
  • Allows for policies to be enforced for security settings and software update

DNS Filtering

  • Required at CMMC Level 3 (SC.3.192)
  • Provides an additional layer of reporting on endpoint activity, including when users are remote
  • Will block malicious URL’s if a user attempts to access a link in a phishing email, even if that email was delivered to a personal account

PRICING

Please enter the number of users in your organization to obtain exact pricing. You can also hover over each item to read the description of that service.

24x7 SOC Monitoring

  • Monitoring of data from multiple systems
  • Human analysis of alerts to determine validity (identifying false positives)
  • Notification of verified threats for example:
    • Indications of active ransomware
    • Suspicious remote-control session
    • Malicious file being downloaded
    • Indication of email account compromises (forwarding rules etc.)
  • Guidance on remediation of detected threats
  • Leveraging intelligence from other organizations
  • Expert Cybersecurity professionals
  • Second set of eyes on your systems/network
  • Benefits of using a 24×7 SOC

SIEM Solution

  • Web-based monitoring application
  • Works with sensors placed inside your technology ecosystem (monitoring all traffic)
  • Real time reporting of any signs of threat activity found in the monitored network
  • Provides enhanced threat analysis
  • Detecting and investigating threats within log metadata
  • Store logs for compliance (30 days)
  • Seamless deployment for workstations (no software/agents etc.)
  • Lightweight agent on servers (DCs only)
  • Analysis of combined data from multiple sources
  • Comprehensive visual on security posture

Office 365 Monitoring

  • Analysis of Office 365 logs and ingestion into the SIEM platform
  • Defend against business email compromise (BEC), account takeovers, and have visibility beyond network traffic.
  • Analyzing data from 365 in conjunction with other network assets

Multi-Factor Authentication

  • Provides second layer of security
  • Prevents account compromise even if user password is stolen
  • Deployed on all compatible applications, for example:
    • VPN
    • Email
    • Cloud based services (Dropbox, OneDrive etc.)
  • Mobile app or token devices

Security Awareness Training

  • Randomized simulated phishing tests
  • Intended to catch users off guard
  • Conducted continuously
  • Includes training content such as for new hire orientation, annual refresher training etc.
  • Designed to decrease social engineering fraud

Advanced Endpoint Protection

  • Next-Generation Antivirus Solution
  • Uses AI algorithm to detect and prevent threats
  • Able to isolate infection systems immediately
  • In the event of infection, provides rollback capability, for example:
    • Restoring infect system back to previously good state

Endpoint Encryption

  • Centrally managed encryption of storage on workstations (PC & Mac)
  • Protects data in the event of stolen or lost device
  • Common Cyber Security configuration requirement (audits/insurance etc.)

Vulnerability Assessments

  • Conducted biannually
  • Agentless scanning of network subnets
  • Identifying the most relevant threats to your environment
  • Remediation tracking and guidance for your IT staff
  • Fulfillment of audit/insurance requirements (historical record)
  • Scanning based on compliance requirements
  • Scanning of 3rd party hosted applications

Advanced Email Filtering

  • Sophisticated algorithm detects and prevents phishing/spam threats
  • Focuses on CEO Impersonation/ Fraud attacks
  • Monitors outbound email to build profile of trusted contacts within the organization

Mobile Device Management (MDM)

  • Provides inventory and reporting for mobile devices used to connect to corporate systems
  • Permits devices to be rapidly de-provisioned during employee off boarding
  • Allows for policies to be enforced for security settings and software update

DNS Filtering

  • Required at CMMC Level 3 (SC.3.192)
  • Provides an additional layer of reporting on endpoint activity, including when users are remote
  • Will block malicious URL’s if a user attempts to access a link in a phishing email, even if that email was delivered to a personal account

How many users?

CMMC-L2 Package

$35p/m

CMMC-L3 Package

$50p/m
24x7 SOC Monitoring
SIEM Solution
Office 365 Monitoring
Multi-Factor Authentication
Security Awareness Training
Advanced Endpoint Protection
Endpoint Encryption
Vulnerability Assessments
Advanced Email Filtering -
Mobile Device Management (MDM) -
DNS Filtering -
SCHEDULE A DEMO GET STARTED

    Ready to talk?

    Just provide your contact information and submit your request.


    CONFIGURATOR

    Tell us about your organization.

    What services are you interested in (select all that apply)?

    NEXT

    CONFIGURATOR

    IT Support for1 users

    required licensing for remote control, patch management, and asset management at $6/user.

         Remote Monitoring & Management

    Retainer Plans

    Subscription Plan

    Unlimited remote, onsite, or after hours support $150 /user
    Back NEXT

    CONFIGURATOR

    Cloud Solutions

    Microsoft 365

    Yes No
    Yes No
    Back NEXT

    CONFIGURATOR

    Cloud Solutions

    Private Cloud Hosting

    Do you need an Application server (finance, AMS, CRM, Remote Desktop)? Includes 100GB hard drive, 8GB RAM, 1 CPU, Windows Server 2019, monitoring and patch management.

    Yes No

    Do you need a web server? Includes 100GB hard drive, 8GB RAM, 2 CPU, Windows Server 2019, monitoring and patch management.

    Yes No

    Do you need a Database server? Includes 200GB hard drive, 10GB RAM, 2 CPU, Windows Server 2019, monitoring and patch management.

    Yes No
    Back NEXT

    CONFIGURATOR

    Enhanced Security Services

    Includes:

    Yes No
    Back NEXT

    CONFIGURATOR

    Equipment Lifecycle Management Subscription based equipment provided at monthly fee.

    Do you need workstations?

    Yes No

    Do you need core infrastructure?

    Yes No
    Back NEXT

    CONFIGURATOR

    Ready to get started?




















      Back
      View Itemized List

      Summary

      Organization
      IT Support
      Cloud Solutions
      Cloud Solutions2
      Enhanced Security Services
      Equipment Lifecycle Management
      Final

      Total Monthly Recurring Cost:$500

      SUMMARY

      Services

      • IT Support
      • Cloud Solutions
      • Enhanced Security Services
      • Equipment Lifecycle Management

      IT Support

      • RMM licensing $6/user per month

      Cloud Solutions

      Enhanced Security Services

      • + Email Security
      • + Multi-Factor Authentication
      • + Security Awareness Training

      Equipment Lifecycle Management

      • Core Infrastructure $175.00/mo
      Back to Form

      summaryTotal Monthly Recurring Cost:$