SECURITY

At JAMIS Software Corporation, we recognize and are fully aware that the Department of Defense (DoD) has finalized Cybersecurity Maturity Model Certification (CMMC) compliance into law for federal contractors, with its implementation likely occurring by the end of this year. Understanding the significant impact this may have on your business, we have been diligently working over the past few years to develop and refine options to support our clients through this transition. We are committed to providing solutions that align with your cybersecurity compliance needs and help you navigate the evolving regulatory landscape.

As a cloud service provider, JAMIS is currently in the process of FedRAMP Moderate compliance, and expects to complete its assessment in July 2025.

SSAE (Statements on Standards for Attestation Engagements) SOC (Service Organization Control) reports were created by the AICPA (American Institute of Certified Public Accountants) in order to set compliance standards and keep pace with the rapid growth of cloud computing and businesses outsourcing their services to third-party providers.

The SSAE 18 SOC 1 report focuses on a service provider’s processes and controls that could impact their client’s internal control over their financial reporting (ICFR).

The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) will require that companies implement Multi-factor Authentication (MFA) to protect “controlled unclassified information” (CUI).  JAMIS Prime version 7.0 is the only GovCon ERP offering native Multi-Factor Authentication as a turnkey solution.  We think it’s essential that your organization take the necessary steps to keep your data safe and secure. With JAMIS, you only have to enable the feature, without the hassle of implementing a 3rd party tool.

With approximately 30 percent of all breaches occurring as a result of a vulnerability at the application layer, software purchasers are demanding more insight into the security of the software they are buying. CA Veracode Verified empowers JAMIS to demonstrate its commitment to creating secure software. Organizations that have their secure development practice validated, and their application accepted into the Standard Tier, have demonstrated that the following security gates have been implemented into their software development practice:

- Assesses first-party code with static analysis
- Documents that the application does not allow flaws in first-party code
- Provides developers with remediation guidance when new flaws are introduced

JAMIS Listing in the Veracode Verified Directory: https://www.veracode.com/verified/directory

Explainer Video on Veracode: View Video

If you find a bug, vulnerability, or other flaw in any of our sites or Services, we encourage you to submit them to us. We have created a vulnerability disclosure page that describes this process.