What questions do you have?
Do I need to implement the Cyber Maturity Model?

If you have a government contract (or are a subcontractor on a government contract), you attested that you would take at least basic measures to safeguard Federal Contract Information (FCI).  Government contractors can be audited at any time to verify they are in compliance.  DoD contractors will need to undergo formal certifications starting in 2021. 

There are other CMMC compliance products out there. What makes RocketCMMC different?

Some products have questionnaires that identify gaps, but don’t help you develop your policies.  Other products just give blank templates that you need to fill out.  RocketCMMC® uses a patent-pending walkthrough process.  The walkthrough provides industry standard security practices that will actually make you  CMMC-compliant. Our process gets you your actual security policies – not templates.  If you have gaps, our security pros will tell you the most cost-effective way to close those gaps. 

You offer multiple product options. Which one is right for me?

If you have a pretty good handle on information security you can probably use the basic edition. If you’d like a little more direction from a security professional and the peace of mind of audit support, the standard option is probably best.  If this is new to you and you need ever more help, the concierge option offers the most support.  Since we offer a free preview, you’ll get a good idea of what you need before you buy.  And, you can always upgrade at any time.

How do you secure my data?

RocketCMMC is hosted in Google’s Northern Virginia cloud data center.  Data is stored in the United States.  We periodically scan our environment for security vulnerabilities and update our software infrastructure to the latest secure versions. Our site is protected by TLS encryption and hardware firewalls.  Data is backed up daily.  We also block IP addresses from countries that have significant security risks, such as China and Russia.