CMMC Solutions

CMMC Level 1 Compliance

Handling Federal Contract Information (FCI) in Microsoft 365

Get CMMC Level 1 Compliant

CMMC 2.0 Level 1 is applicable to aerospace and defense contractors supporting the Department of War (DoW) that handle or process FCI.

Some high-level requirements and updates for CMMC Level 1 could include, but are not limited to:

  • 17 practices aligned with Federal Acquisition Regulation (FAR) 52.204-21 – Basic Safeguarding of Covered Contractor Information Systems
  • Annual self-assessment
  • Securing FCI

Summit 7 serves government contractors, manufacturers, and higher ed research facilities by helping them meet the requirements for Defense Federal Acquisition Regulation Supplement (DFARS) 7012, National Institute for Standards and Technology (NIST) 800-171, and CMMC compliance.

This project includes the following:

  • Securing data on your workstations and mobile devices
  • Configuring of Microsoft 365 E3 licensing to the 12 technical security controls in CMMC Level 1
  • Data backup and retention for specific contract compliance (optional)
  • Initial assessment of your existing Microsoft 365 Commercial tenant (optional)

For more information on CMMC 2.0 updates, watch this video from Summit 7 Chief Security Evangelist, Jacob Horne. You can subscribe to the S7 YouTube channel to stay updated on all things CMMC 2.0.

Cybersecurity Maturity Model Certification

CMMC Levels Comparison

CMMC

Level 1

Safeguarding Federal Contract Information (FCI)

Securing FCI
17 practices aligned with FAR 52.204-21
Annual self-assessment
Learn More

CMMC

Level 2

Safeguarding Controlled Unclassified Information (CUI), Cyber Threat Intelligence (CTI), & International Traffic of in Arms Regulations (ITAR)

For companies handling CUI
Requires 110 security practices from NIST SP 800-171
Triennial third-party assessment (C3PAO) for prioritized acquisitions; annual self-assessment for non-prioritized
Learn More

CMMC

Level 3

Safeguarding Critical CUI

For companies handling the most sensitive data
Based on NIST SP 800-172
Requires government-led assessment
COMING SOON

Don’t just take our word for it

Trusted by 1,400+ Companies in the Defense Industrial Base

We serve all company sizes – from micro-businesses to Small and Medium-sized Businesses (SMBs) to large enterprises.

100% pass rate on security controls for Defense Federal Acquisition Regulation Supplement (DFARS)/National Institute of Standards and Technology (NIST) SP 800-171.

8 of the top prime contractors in the Defense Industrial Base (DIB) trust their IT, security, and compliance to Summit 7.

Contact

Speak With Our Team

Our team of compliance and cybersecurity experts are on standby and ready to help. We’ll walk you through what you need and what to expect.

Scroll to Top