CMMC Solutions for CUI Data Protection: Cigent D3E and Secure SSD

Cigent Solutions

Cybersecurity Maturity Model Certification (CMMC) is the new standard that issues compliance requirements for all Defense Industrial Base (DIB) suppliers. You most likely handle Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) as a DIB supplier, which are two types of sensitive data CMMC aims to protect. As a result, you're left accountable to meet and comply with these CMMC requirements and obtain the appropriate certification needed for future contracts. The question you’re left with is where to start.

Ideally, you want to find compatible CMMC solutions that work together to cover multiple requirements. Cigent D³E® and Cigent Secure SSD™ are two solutions that cover CMMC requirements on their own but also amplify capabilities when paired together. In this post, we demonstrate how these two solutions provide compliance coverage for 6 CMMC domains within levels 1-3.

What is Cigent D³E?

Cigent’s Dynamic Data Defense Engine™ (D³E) Zero Trust file access controls utilize multifactor authentication to protect CUI from data theft and ransomware, even if a system is compromised. Its authentication capabilities also allow you or your organization to both encrypt and control access to sensitive files. As a result, files are securely stored in any location and shared with only trusted users.

What is Cigent Secure SSD?

Cigent Secure SSD features the first and only family of self-defending storage devices with cybersecurity built into the firmware itself. They include a dedicated security processor that relies on machine learning to detect and respond to ransomware, a keep-alive sensor that automatically encrypts sensitive files if security software is bypassed, and a safe room that makes data invisible to any attacker. When paired with D³E, you can remain confident that your sensitive files stay protected throughout the entire data lifecycle.

How Do These Products Cover CMMC Levels 1-3?

Now that you're familiar with Cigent D³E and Cigent Secure SSD, we can take a closer look at what these products achieve specifically for CMMC compliance. Listed below are the 6 CMMC domains that these solutions address and what they provide for levels 1-3.

Access Control (AC): Establishes who can access your information systems and what limitations define those access permissions.

How D3E/Secure SSD Covers AC:

• Controls access to sensitive data by enforcing step-up authentication (D³E)
• Stores CUI data in “Safe Rooms”, encrypted disk partitions that further enhancing secure access (combine a self-encrypting device (SED) with a Cigent Secure SSD and a proper configuration)
• Employs access pattern detection for sensitive data, blocking access to any sensitive files until the user authenticates (D³E)
• Forces any CUI to be accessed only with a 2nd factor of authentication; the "anywhere" feature forces this control everywhere the file resides (D³E)
• Utilizes "Active Lock" to limit access to files either always or after a defined trigger (D³E)

Audit and Accountability (AU): Requires that you have a way of tracking users who can access CUI and complete audit performances of logs to monitor behaviors.

How D3E/Secure SSD Covers AU:

• Keeps audit logs of all actions and configuration changes for forensic and compliance purposes (D³E)
• Provides non wipeable protection for log files by storing them in firmware (Secure SSD)
• All actions on a D³E-enabled device are logged and can be used for investigations into unlawful activity
• Provides in depth and high-level reporting capabilities on an ad-hoc basis (D³E)

Identification and Authentication (IA): Ensures users have an appropriate level of access and utilize authentication to properly verify their identity.

How D3E/Secure SSD Covers IA:

• Controls access to sensitive data through step-up authentication (D³E)
• Stores data in granular, locked disk partitions, allowing access to only authorized personnel and processes (must combine D³E with a Cigent Secure SSD)

Maintenance (MA): Requires a maintenance system to effectively maintain and operate your information systems.

How Secure SSD Covers MA:

• Provides the capability to lock all sensitive data in a "protected" or "locked" partition of a Cigent SSD while maintenance is taking place or when a device is shipped offsite for maintenance.

Media Protection (MP): Implements proper identification and marking of media for ease of access. It also requires evidence of media protection protocols, sanitation protocols, and transportation protection.

How D3E/Secure SSD Covers MP:

• Verifies the erasures of all CUI stored in "protected" and "locked" partitions (D³E with a Cigent SSD)
• Protects digital CUI, limits access to CUI on any system, and controls/limits the use of untrusted external storage devices on said system (D3E with a Cigent SSD)
• “Locks” all sensitive CUI data within the "locked" and "protected" partitions during transport (D³E with a Cigent Secure SSD)

System and Information Integrity (SI): Requires identification and management of system flaws, identification of malicious content, and monitoring of your overall network and system.

How D3E Covers SI:

• Monitors Windows systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks via network and file deception
• Monitors individuals and system components on an ongoing basis for anomalous or suspicious behavior and access to CUI
• Identifies unauthorized use of organizational systems via denied access to CUI and sensitive data

Leveraging CMMC Solutions for Compliance

CMMC expects you to get onboard with compliance activities now, and you can no longer afford to wait on finding solutions to fulfill requirements. Cigent D³E and Secure SSD provide critical remedies for file access safeguarding and overall data defense. With these two solutions in place, your compliance journey is already jumpstarted for CMMC levels 1-3.

As you work to cover requirements and continue with your CMMC certification progress, consider utilizing our affordable, one-stop shop managed solution partnership along the way. It features Cigent D³E, Secure SSD, and four other point solutions intended to help you meet your CMMC technology requirements. Keep up the momentum and satisfy multiple requirements for the most effective CMMC compliance journey.