CCIB™ (CMMC In a Box)

Dnutch Associates, Inc. & Nimbus Logic, LLC has engineered a turn-key solution called CCIB™ (CMMC Compliance In a Box). It is comprised of secure laptop bundled with a secure cloud package to expedite the process of compliance with the DFARS Interim Rule, and subsequently with CMMC.

CCIB™ assists Primes and subs in rapidly achieving the mandated compliance required for award of government contracts, in a very cost-effective manner.

What’s In the Box?

Secured Laptop from Dell

Laptop is delivered fully configured for each user and is set-up to utilize TPM 2.0 with Microsoft Bitlocker for local drive encryption.

Microsoft 365 Cloud Licensing & Configuration

All users are setup with Microsoft 365 GCC High licensing along with all required cloud configuration to create a baseline 100% NIST 800-171 compliance score.

Ongoing Real-Time Monitoring, Reports & Compliance Support

All endpoints and cloud services will have ongoing real-time monitoring for compliance, threat & vulnerabilities for a complete Managed Detection and Response (MDR) solution. Reports will be also delivered on a regular schedule to keep you informed.

Request a Consultation


    Dnutch Associates, Inc, with the help of Nimbus Logic, LLC has engineered a product to address requirements called-out in NIST SP800-171r2, which is at the core of the DFARS Interim Rule. That product is called Dnutch CCIB TM – CMMC Compliance In a Box.

    CCIB TM consists of a bundled solution of Dell’s most secure laptop, and a subscription to a tailored-configuration of Microsoft 365  and Azure Government Cloud subscriptions managed by Nimbus Logic in the Microsoft Government Cloud which creates a baseline 100% NIST 800-171 compliance score.

    The laptop is set-up to utilize TPM 2.0 to enable Microsoft Bitlocker for local drive encryption. The Cloud services use TLS 1.2 for secure transport, and is powered by Azure Active Directory, with Microsoft Endpoint Manager and other programs and features to satisfy NIST SP800-171r2 requirements. These are monitored by Microsoft Compliance Manager, which produces a line-by-line report of cybersecurity control implementation,
    as it applies to requirements in the standard.

    This conglomerate of hardware and secure Cloud services provides a turn-key solution
    that addresses the physical and logical elements of practice, as they dovetail into
    corporate policy and procedure for good cyber hygiene, as defined by federal standards.

    The only thing left for the customer to do, is to put a good SSP (System Security Policy) in place, and run the gap-analysis and assessment.

    Prior to release, CCIB TM will be reviewed extensively by Dnutch SMEs and carry a Letter of Attestation by a government-certified assessor.


    Product acquisition and fulfillment will be done through a Contract Manufacturer (CM), who will also be responsible for hardware/firmware configuration.
    The CM has a direct relationship with Dell, and Warranty and OS (Microsoft Windows 10 Pro) licensing will be handled within the OEM relationship.

    Application licensing for M365 GCC, and secure Cloud services will be managed by Nimbus Logic as an authorized Microsoft AOS-G Cloud Service Provider, where the onboarding process for compliant configuration has been scripted, for scalability and to achieve an out-of-the-box NIST-800-171 score of 100%

    The contract term is 36 months with financing included.


    Step 1.

    Fill out our free consultation request form. A specialist will schedule some time to discuss your needs and how CCIB can help your organization.

    Step 2. 

    Apply for eligibility approval for the Microsoft Government Cloud.  *Important. Unless you are a government organization, make sure you select “My Organization is: Customers handling government-controlled data. You must receive validation at Category 3 to be on GCC High otherwise, you will qualify for GCC.  Time to complete: 1-4 days.

    Step 3.

    Upon approval from Microsoft, we will send you a quote and financing agreement with our leasing company. Time to complete: 2 days.

    Step 4.

    Upon acceptance, Nimbus Logic will follow strict procedures to onboard you into the Microsoft Government Cloud and provide the managed services to keep you compliant with NIST-800-171.  Time to complete: 5-10 days.

    Step 5.

    The customer just need to put a SSP in place and run the GAP analysis and assessment. Time to complete: 1-3 days.


    Ms. Denise Jones

    President and CEO DNutch Associates, Inc.

    Phone: 617-448-9971

    Michael Baccala

    Director of Security

    Phone: 928-202-4903

    David Wilming

    Co-Founder Nimbus Logic, LLC

    Phone: 518-423-2688