BCS | April 21, 2021
BCS Data Center Operations (BCS) announces the addition of a new BCS Government Programs branch to its solution portfolio, committed to supporting the mandate of federal, state, and local governments, as well as their partners. The expansion enables BCS to adapt rapidly to vital infrastructure needs triggered by recent government reforms.
Craig Harris, a veteran of the business and government initiatives, has been elected senior vice president and chief federal programs officer, in charge of directing BCS Government Programs activities. He joins BCS with two decades of operations experience, including overseeing colocation operations for a top data center provider, leading the Amazon Web Services (AWS) infrastructure team responsible for U.S. government contracts, leading IT process-design projects for the federal government, and launching state-of-the-art fulfillment centers for Amazon.
Harris worked as a lead associate for Booz Allen Hamilton, where he headed projects for the United States Department of Homeland Security, the Office of Naval Research, the United States Navy, the United States Army Materiel Command, and the United States Marine Corps Warfighting Laboratory. He was in the Marine Corps for 14 years.
BCS currently manages over 6 million square feet and 350 MW of critical power under contract, with a considerable portion of it handling highly supervised, compliant, uptime-dependent environments for three of the world's leading financial service firms. BCS reported earlier this year that they had earned the Uptime Institute's M&O Stamp of Approval, as well as a good Service Operation Control (SOC) 2 Type II survey and Payment Card Industry Data Security Standard (PCI DSS) evaluation for the Phoenix data center campus.
BCS utilizes a complete lifecycle of solutions delivered by trained and accredited people, best-in-class processes, and cutting-edge technology through a single integrated delivery system, allowing agencies and their clients to concentrate on their primary tasks. Because of BCS's single-source, self-performance model, BCS staff provide at least 80% of all services.
BCS is an enterprise-level essential facility operations company that focuses solely on data centers. Via a single completely developed self-performance model, the BCS strategies portfolio includes facility management, IT services, physical security, and a variety of value-added professional services. To achieve improved efficiency, reliability, and scale, BCS employs sophisticated technologies and centralized services such as BCS CriticalWorksTM, BCS CriticalCareTM, and the BCS Tactical Operations Center. With over 6 million total square feet and more than 350 MW of data center critical power under contract, BCS meets the demands of Fortune 500 companies.
Gimmal LLC | September 23, 2020
Gimmal LLC, a Houston-based provider of information governance and compliance software, has now made it much easier for government customers to grant a FedRAMP ATO for a cloud deployment of Gimmal Records Management. By being deployed on Project Hosts' Federal Private Cloud (FPC) FedRAMP-authorized Platform-as-a-Service (PaaS), Gimmal Records Management inherits 86% of the controls required for FedRAMP compliance. Gimmal has just completed the Project Hosts' FedRAMP validation process, where Gimmal and Project Hosts ensure that all required application-level controls have been implemented. Gimmal's offerings include providing a System Security Plan (SSP) that describes how all application-level controls are implemented and any evidence of implementation that is requested.
CyberSheath Services International, LLC | February 03, 2021
CyberSheath Services International today launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.
When combined with CyberSheath’s existing Managed Compliance and Security Services, the new Managed IT Services cover the full spectrum of managed services needs for most U.S. Defense Industrial Base (DIB) contractors. CyberSheath has long recognized that a large part of IT delivery, tasks such as patching and asset management, are foundational to NIST 800-171 and CMMC compliance, and customers need a force multiplying solution for Managed IT services. This offering is only available to defense contractors and uniquely built to make CMMC and NIST 800-171 compliance a natural outcome of day-to-day operations.
This new consolidated solution is anchored on Microsoft technology or Microsoft Solution Partner technology, but flexible enough to “meet you where you are.” It has the distinct ability to add compliance or security-as-a-service either upon initial onboarding, or at any time during the subscription period. As a “Hosted Compliance,” it combines elements of MSSP and Managed IT and uses a Microsoft-focused technology stack, including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio. CyberSheath’s CMMC Managed Services future-proof clients against CMMC policy changes and new implementation requirements.
“Any defense contractor that fails to comply with the CMMC will not be doing business with the DoD moving forward as the DoD now prevents non-compliant contractors from participating in DoD contract awards,” said Andy Shooman, COO at CyberSheath Services International. “Our IT managed services are built for the many defense contractors, both Primes and Subs, that still don’t fully understand the DFARS requirements and believe that their weakest link to compliance may be their existing IT services. Simply put, the new DFARS rules raise the stakes and companies that don’t quickly become compliant will be left out of DoD contracts. Our IT managed services ensure that doesn’t happen.”
The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.
CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard both for existing regulatory requirements and CMMC. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.
CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.
“Frankly, defense contractors have seen a lot of changes in cybersecurity compliance over the past year, but we have been delivering audit-ready, U.S. DoD compliance-focused managed services for more than five years in response to the original NIST 800-171 requirements and know we can assist contractors expeditiously with their needs,” said Mr. Shooman.
About CyberSheath Services International, LLC
Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs.