Network Coverage sets standard in CMMC & multi-framework compliance for MSPs

by: A-LIGN 5 min

netcov 1200x1200

Network Coverage is a managed service provider (MSP) that integrates technology and cloud solutions within business operations to improve productivity and security with as few issues and disruptions as possible.

Based in Danvers, MA and founded in 1996, Network Coverage strives to help organizations find solutions that support their business strategy in effective, accessible, and pragmatic ways enabling them to optimize performance while focusing on their core business objectives.

Network Coverage partners with A-LIGN to achieve SOC 2 and ISO 27001 excellence and most recently, CMMC certification.       

The challenge: Diverse compliance demands and navigating new DoD security requirements

Network Coverage’s clients include U.S. Department of Defense (DoD) subcontractors across various industries. When NIST 800-171 was published in 2015, Network Coverage developed a cybersecurity management offering — a service not commonly provided by MSPs at that time.

As the company expanded their service offerings and its own compliance program, Network Coverage decided to pursue ISO 27001 certification and SOC 2 Type 2 with A-LIGN to fulfill enterprise customer demands.

Network Coverage greatly anticipated the effects of the DoD’s Cybersecurity Maturity Model Certification (CMMC) program on their business.  The company adapted from NIST 800-171 to CMMC version 1.0, and eventually adjusted to CMMC 2.0.

To better focus on multi-framework compliance while offering their own managed service offerings, Network Coverage required an audit partner who understood their unique needs with experience in framework extensibility.

The solution: Engaging a C3PAO with framework extensibility and federal compliance expertise

Network Coverage looked for a C3PAO with extensive experience and an understanding of their unique compliance needs as an MSP, particularly as they prepared for CMMC.

They chose to engage A-LIGN for their compliance program. Network Coverage found the auditors at A-LIGN were exceptionally skilled, knowledgeable, and professional. There are no surprises when working with A-LIGN.  Milestones are met in a timely manner, quality reports are delivered on time, and fieldwork plans remain consistent, alleviating stress for the Network Coverage staff.

As Network Coverage expands their security program, they have relied on A-LIGN’s readiness tools to help them prepare to achieve compliance excellence and appreciated the visibility into control crossover among multiple frameworks like SOC 2 and ISO 27001.

Having an assessor like A-LIGN, who can crosswalk multiple frameworks, has been a huge time saver for us. Utilizing evidence across various audits has been phenomenal as we continue to add requirements to our stack.

Bridget Wilson

SVP of Governance, Risk & Compliance

The strategic move by Network Coverage to engage A-LIGN as their C3PAO has provided formal validation of their control set and enhanced their marketability as a reputable and trusted MSP ahead of the anticipated launch of CMMC 2.0.

As Network Coverage leads the way in CMMC compliance, they advise subcontractors to review contracts to determine the required CMMC level and conduct a needs assessment. They emphasize planning and budgeting for CMMC readiness, partnering with compliance experts as needed, and preparing for third-party certification with a C3PAO.

They highlight recent clarifications for MSPs and MSSPs and stress that compliance is crucial to prevent disasters. Continuous monitoring, auditing, accountability, and incident response are essential to protect DoD information. They also underscore the need for a 24/7 incident response team, regular control testing, and ongoing staff training through drills.

Network Coverage understands that many subcontractors are still navigating the complexities of cybersecurity and compliance. They are committed to being visible and accessible while also aspiring to strengthen their own compliance program with the help of A-LIGN.

About Network Coverage

Network Coverage was founded in 1996 as an end-to-end Managed Service Provider, with focused attention on the intersection between sophisticated technology solutions and successful business strategy. We work with organizations to develop and deploy intelligent and intuitive solutions right at that intersection, navigating the complexity and opportunity across the technology landscape while addressing ever-growing compliance and security needs with industry leading expertise and experience. Visit www.netcov.com/ for more information.