CCIB™ (CMMC In a Box)

SOLUTION OFFERING

Dnutch Associates, Inc, with the help of Nimbus Logic, LLC has engineered a product to address requirements called-out in NIST SP800-171r2, which is at the core of the DFARS Interim Rule. That product is called Dnutch CCIB TM – CMMC Compliance In a Box.

CCIB TM consists of a bundled solution of Dell’s most secure laptop, and a subscription to a tailored-configuration of Microsoft 365  and Azure Government Cloud subscriptions managed by Nimbus Logic in the Microsoft Government Cloud which creates a baseline 100% NIST 800-171 compliance score.

The laptop is set-up to utilize TPM 2.0 to enable Microsoft Bitlocker for local drive encryption. The Cloud services use TLS 1.2 for secure transport, and is powered by Azure Active Directory, with Microsoft Endpoint Manager and other programs and features to satisfy NIST SP800-171r2 requirements. These are monitored by Microsoft Compliance Manager, which produces a line-by-line report of cybersecurity control implementation,
as it applies to requirements in the standard.

This conglomerate of hardware and secure Cloud services provides a turn-key solution
that addresses the physical and logical elements of practice, as they dovetail into
corporate policy and procedure for good cyber hygiene, as defined by federal standards.

The only thing left for the customer to do, is to put a good SSP (System Security Policy) in place, and run the gap-analysis and assessment.

Prior to release, CCIB TM will be reviewed extensively by Dnutch SMEs and carry a Letter of Attestation by a government-certified assessor.

DISTRIBUTION AND FULFILLMENT

Product acquisition and fulfillment will be done through a Contract Manufacturer (CM), who will also be responsible for hardware/firmware configuration.
The CM has a direct relationship with Dell, and Warranty and OS (Microsoft Windows 10 Pro) licensing will be handled within the OEM relationship.

Application licensing for M365 GCC, and secure Cloud services will be managed by Nimbus Logic as an authorized Microsoft AOS-G Cloud Service Provider, where the onboarding process for compliant configuration has been scripted, for scalability and to achieve an out-of-the-box NIST-800-171 score of 100%

The contract term is 36 months with financing included.

HOW TO GET STARTED

Step 1.

Fill out our free consultation request form. A specialist will schedule some time to discuss your needs and how CCIB can help your organization.

Step 2. 

Apply for eligibility approval for the Microsoft Government Cloud.  *Important. Unless you are a government organization, make sure you select “My Organization is: Customers handling government-controlled data. You must receive validation at Category 3 to be on GCC High otherwise, you will qualify for GCC.  Time to complete: 1-4 days.

Step 3.

Upon approval from Microsoft, we will send you a quote and financing agreement with our leasing company. Time to complete: 2 days.

Step 4.

Upon acceptance, Nimbus Logic will follow strict procedures to onboard you into the Microsoft Government Cloud and provide the managed services to keep you compliant with NIST-800-171.  Time to complete: 5-10 days.

Step 5.

The customer just need to put a SSP in place and run the GAP analysis and assessment. Time to complete: 1-3 days.