compliance over time — a continuous process innovation. Of the 30,000-plus Microsoft Partners in the U.S., there are only 276 that are managed Microsoft Partners, and only 54 of those can sell the DoD GCC–High and Azure Enterprise Agreement (EA) licenses. KAMIND IT is one of them. Because the CMMC process and subsequent accreditation are often intimidating, Matt created a four-step process to help organizations prepare. They have also developed a simple DIY kit for CMMC Level 1 attestation. KAMIND is a provider of cloud services in five different areas, including Academic, Corporate, Charity, Government Community Cloud, and GCC High (Azure Government) environments. KAMIND IT security standards are designed around CMMC (Levels 1 and 3), NIST 800-171, and compliance standards so they can help clients build a baseline infrastructure. “If we don’t start addressing cybersecurity and taking it a lot more seriously — every one of us — it’s going to hurt a lot more than just your company,” says Matt. “It potentially could hurt the entire nation.” The Result Is Better Value For Your Clients When a business is designed around a continuous process, it is constantly evolving and has better responsiveness to clients and improved product deliverability. “Microsoft is already DoD- compliant, and so, by going through CMMC and using Microsoft, you’re already picking up all those layers of compliance,” says Matt. “There’s no need to bring in another tool because that could put your organization at a security risk, and you’d have to retrain your team on this new tool.” Think of an MSP business or an IT organization, for example. “Everyone wants to figure out how to leverage the technology so they can offer better service,” explains Matt. “Continuous process, consistency, standardization, a common set of world-class tools — those things drive the business forward.” Once an organization gets a skill set built into their team, it can add more value by building onto those skills instead of teaching new ones. With that kind of education philosophy, businesses can provide unique offerings and, in turn, become price-competitive in the marketplace. Creating Value Whether at General Motors, Intel, or KAMIND IT, Matt has seen the benefits of the continuous process innovation model. KAMIND’s growth has been 25%–30% year over year because they’ve created a strategy of continuous improvement. It’s evident that in another year or two, businesses need to have clear, documented, and verifiable plans in place, and KAMIND’s goal is to help clients get to that next level of growth and bring more value to their team and clients. “It’s about the value you bring to your business and the value you bring to your team, because now you have a homogeneous strategy,” says Matt. “Your team knows how to execute; your team knows what the guardrails are. Your team can provide a better product to your customers and their clients and your clients’ shareholders.” For more information about KAMIND IT, Inc. and Microsoft security, visit KAMIND.com. n
multifactor authentication?” and “Have you deployed security standards?” before they issue policies. Some are even demanding official accreditation. At the state level, governments are trying to decide what standards to implement. All eyes are on states like New York, which released a set of new cybersecurity regulations under 23 NYCRR 500 and is putting ubiquitous standards in place. “There are many companies, including our clients, that are saying that if you want to do business with us, you’re going to have to be at this level of maturity. We recognize that compliance is going to be required, and we better be ready,” says Matt. For many businesses, prior to 2017, cybersecurity
was an afterthought. However, in 18–24 months, Matt points out, businesses will need to prove they are meeting some minimum standard. “Now we are in the
stage where people are demanding proof that you’re doing what you said you’re doing,” says Matt. “It’s no longer acceptable to attest to something … you now have to prove it.” If businesses can’t provide evidence and data to prove they’re meeting compliance standards, they’ll lose out on insurance policies and client loyalty, and they’ll struggle to compete in the marketplace. Cybersecurity Is Foundational To Business Strategy KAMIND’s philosophy is that cybersecurity is a fundamental component of your business strategy. KAMIND provides its clients the capabilities to implement cybersecurity as a foundation that continually improves and builds on itself. It’s a new strategy and has led to KAMIND rethinking how it adapts Microsoft’s strategy and licensing, and how organizations deploy compliance and security management on top of it. Matt knows this strategy is effective because he wrote the book on Office 365, “Securing Office 365: Masterminding MDM And Compliance In The Cloud,” which has sold more than 280,000 copies. KAMIND is committed to spreading the message that organizations can no longer afford to think of cybersecurity as an afterthought. “Unless you put cybersecurity at the core of your strategy, you’re going to struggle through the CMMC process. Not to mention, without a secure foundation, all functions are at risk, including cost, schedule, and performance, which are only effective in a secure environment,” cautions Matt. That’s why Matt helps clients with a new approach: to view security management and compliance as a continuous process by utilizing CMMC so organizations can adapt and evolve successfully and add value to their customers. An Improved Approach: Security Management And Compliance As A Continuous Process CMMC was designed to offer a cost-effective solution for organizations to deploy a layered security strategy at all levels of the business. It builds on existing regulations and verifies by combining cybersecurity best practices from across the industry. It maps the process from basic to advanced cyber-hygiene and reduces the risk of specific cyberthreats. It’s a blueprint for managing security and
MSPSuccessMagazine.com/cyber2022
27
Made with FlippingBook Ebook Creator