R3 GovCloud Workplace for CUI and ITAR
CMMC compliance has become a requirement for members of the DOD supply chain to do business with DOD. The adoption of CMMC requirements for CUI is expanding across agencies and contracts. This will accelerate over the next 2 years. By 2024, it is expected that CMMC compliance for CUI will be a standard in the DOD supply chain (including Primes and Subcontractors).
R3 has announced the R3 GovCloud Workplace cloud offering to supports the CMMC compliance requirements for CMMC v2.0 at Level 2.
The R3 GovCloud Workplace is one of our 3 cloud offerings where you run the R3 Solutions of the R3 GovCon Suite. Our 3 core solutions are WinCenter to win federal business, Contract management to manage the contracts and subcontracts, and, Program Management to manage the delivery on awarded contracts. Each of these solutions are designed to manage information – data and documents. They are specifically designed to support the work of Federal Government Contractors.
Now, with the R3 GovCloud Workplace, all of this information can be stored and managed within a controlled environment that meets the stringent requirements of CMMC to manage CUI and also in support of ITAR compliance. Since our solutions cover the work areas for the bulk of your documents that might contain CUI or ITAR information, this environment gives you the ability to quickly get your operations up to the compliance level for CMMC and ITAR. This is a great way for subcontractors to meet the requirements of Primes. And, it provides a level of compliance for Primes that is typically greater than their operating level across their organization. In addition, with the R3 GovCloud Workplace you no longer need to move from Office 365 to GCC High to support ITAR or CUI compliance. This cost savings pays for the cost of the R3 solutions that increase your GovCon work productivity.
The compliance requirements supported by the R3 GovCloud Workplace consist of the following:
- CMMC v2 Level 2 – meeting the controls 110 controls of CMMC based upon NIST 800-171
- FedRamp Moderate Equivalent – in addition to the CMMC controls we comply with the 61 NFO and 58 NCO controls to support NIST 800-53 requirements as our baseline for FedRamp Moderate Equivalency
- DFARS 252.204-7012 – we support paragraphs c-g covering FedRamp Moderate Equivalency and DOD Incident Response
- AWS Infrastructure – AWS GovCloud US West is certified for FedRamp High and DOD SRG Levels 4 and 5
- ITAR support – All R3 technical personal are US citizens and AWS GovCloud West certifies US Citizens only
The environment is deployed on AWS GovCloud in US West. Below we list general features of the offering:
|
Where deployed |
AWS GovCloud US-West |
|
Target Customer |
DOD GovCon requiring support for CUI and ITAR compliance |
|
Infrastructure |
Dedicated Web Server; Shared Database Server |
|
Customer Data |
Separate, dedicated customer databases |
|
Customer Application |
Separate, supports custom changes |
|
Single Sign On |
Support SSO with Azure AD authentication, Okta, and others (O365/GCC Mid-High) |
|
URL |
Company Domain URL “workplace.companyd omain.com” |
|
Data Storage |
Base active amount 100GB; expandable |
|
Backups |
Monthly full backup; Daily full back-up differential; intra-day transaction log hourly |
|
Office 365/GCC Native Integration |
SSO; Email integration; Opening Office Documents; Co-Authoring |
|
Office 365/GCC Custom Integration |
Supports Office 365/ GCC integrations such as Microsoft Flow, Power BI, Teams |
For more information on the R3 GovCloud Workplace offering, our other cloud offerings, and, our support for on premise or private cloud deployment visit our Deployment Options page.