GBS is NIST Compliant
GBS initiated the National Institute of Standards & Technology (NIST) Special Publication (SP) 800-171 self-certification program at the announcement in 2017 and has worked diligently to conform, assuming the full cost of the resource investment, with the goal of meeting all requirements as a matter of both due-diligence and excellence in performance.
SECURE. INTELLIGENT. ACCESS.
What is NIST SP 800-171?
The National Institute of Standards and Technology (NIST) issued NIST SP 800-171 - a set of 110 controls to maintain robust security hygiene for any organization that handles Controlled Unclassified Information (CUI).
Defense contractors must have all systems, processes and people ready to accept CUI by completing the NIST 800-171 assessment, Plan of Action and Milestones (POAM), and the subsequent summarizing System Security Plan (SSP).
NIST 800-171 is a self-certification program, but GBS brought on a team of 3rd party NIST experts to assess and guide GBS to the highest standards of NIST compliance.
What is NIST SP 800-171?
The National Institute of Standards and Technology (NIST) issued NIST SP 800-171 - a set of 110 controls to maintain robust security hygiene for any organization that handles Controlled Unclassified Information (CUI).
Defense contractors must have all systems, processes and people ready to accept CUI by completing the NIST 800-171 assessment, Plan of Action and Milestones (POAM), and the subsequent summarizing System Security Plan (SSP).
NIST 800-171 is a self-certification program, but GBS brought on a team of 3rd party NIST experts to assess and guide GBS to the highest standards of NIST compliance.
SCDMS® our cloud-based document management system is NIST 800-171 COMPLIANT.
When designing the special document management service SCDMS®, the GBS development team decided to build the system according to NIST standards in order to ensure the most secure environment for our customers.
Having this structural strength provides all SCDMS® and cable maintenance customers with a high level of confidence in the integrity of user access and document control for their undersea cable system documentation.
CMMC 2.0 will encompass 3 Maturity Models that range from “Foundational” to “Expert.”
Levels 1 is comprised of basic security controls capable of handling Federal Contract Information (FCI), while Level 2 "Advanced" is the requirement for handling Controlled Unclassified Information (CUI), per NIST 800-171 requirements.
Level 3 is reserved for defense contractors who are working in a context of advanced persistent threats, and will be necessary for a smaller group of contractors.
The intent is to incorporate CMMC into the Defense Federal Acquisition Regulation Supplement (DFARS) and use it as a requirement for contract awards.
GBS is already preparing to be CMMC compliant in both our operations and with SCDMS, our cloud-based submarine cable document management system.
The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.
GBS has taken the appropriate measures to build compliance into our website as well as our handling of client data. Questions may be directed to the GBS Data Manager or Data Administrator from our Contact Page.
Read the GBS PRIVACY POLICY here.
