JAMIS Software

Search Icon View Demo

MENUMENU
  • Products
    • JAMIS Prime ERPProduct Overview
      • Project Accounting & FinanceCost Accounting For Government Contractors
      • Time and Expense ManagementTimesheets, Time Off Management, and Expense Reporting
      • Customer Relationship Management (CRM)Opportunity Lifecycle Management
      • Asset ManagementFixed Assets, Depreciation, and Government Property Management
    • Hide ItProduct Overview
      • Contract ManagementContract Lifecycle Management
      • Business Planning SuiteBid & Proposal, Budgeting, and Forecasting
      • Distribution ManagementRequisitions, Purchasing, and Inventory Management
      • Dashboards & Business IntelligenceReal-time Reporting, Inquiries, & Dashboards
    • JAMIS HumanicProduct Overview
      • Human Capital ManagementHR, Recruiting, Onboarding, Benefits, Compensation, and Learning
      • Payroll ManagementDomestic & International Payroll, & Outsourced Tax Services
  • Services
    • Implementation Services & Consulting
    • Customer Support
    • JET - JAMIS Education & Training
    • JAMIS Cloud Services
    • System Customization
  • Resources
        • Get the JAMIS edge in Government Contracting

          JAMIS is a true cloud ERP system that breaks down barriers and helps drive collaboration and knowledge-sharing across your organization, so your people can do what they do best.

          Why JAMIS?
          DCAA Compliance
          Security

          Resources
          • Webinars & Videos mega menu arrow
          • Whitepapers mega menu arrow
          • Prime Insights Blog mega menu arrow
          • Datasheets mega menu arrow
          • Case Studies mega menu arrow
          FEATURED CONTENT
          JAMIS Prime 7.0 Release

          Nucleus Research ROI Case Study

          Read the details of our recent Nucleus Research ROI Case Study, which thoroughly examines the actual benefits a customer achieved from a Prime ERP deployment. All case studies follow a consistent methodology designed to deliver an assessment of the direct and indirect benefits realized along with the financial results achieved.

          Learn more mega menu arrow

  • Events
    • GovCon Webinar Series
    • Lunch and Learn Series
    • JAMIS Summit 2023
  • Company
    • About JAMIS
    • Company News
    • Management Team
    • Partners & Affiliates
    • Careers
    • Office Locations
  • Contact Us

Security

Learn More

Security Infosheet

CMMC Readiness Group

Related Posts

  • JAMIS’ Customer, Cask Government Services; One of Only Four Authorized as a CMMC Third Party Assessor Organization (C3PAO) by the CMMC-AB
  • JAMIS Customer Edwards Performance Solutions is the First Licensed Partner Publisher to Have Their Training Curriculum Accepted by the CMMC-AB
  • JAMIS Harnesses Power of Cyber Security Experts to Form CMMC Readiness Group

Webinars

On-Demand: ERP Security, the CMMC, and Navigating the Modern Landscape

JAMIS Provides Enterprise-Grade Data Protection for GovCon

JAMIS is committed to providing the most secure code on the market, and that is why we are happy to disclose how we take care of our code. In addition, JAMIS Prime is the first ERP in the GovCon space to deliver built-in multi-factor authentication, increasing your protections against cyber criminals.

JAMIS believes in ensuring our team is doing the right thing with the security of your data and delivering a world class solution. Part of this commitment means having an independent expert validate our Security and Compliance posture.

CISA Issues Shields Up Warning

In light of the heightened risk of cyber warfare following Russia's invasion of Ukraine this week, JAMIS is closely following the Cybersecurity & Infrastructure Security Agency (CISA) “Shields Up” guidance.  CISA recommends that all organizations - regardless of size - adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.

While there are no specific or credible cyber threats to JAMIS customers or the United States at this time, Russia’s has been involved in cyber-attacks on Ukrainian government and critical infrastructure organizations, that may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies. CISA advises that every organization, large and small, must be prepared to respond to disruptive cyber activity.

CISA’s guidelines include actions that will: reduce the likelihood of a damaging cyber intrusion, take steps to quickly detect a potential intrusion, ensure that the organization is prepared to respond if an intrusion occurs, and maximize the organization's resilience to a destructive cyber incident.  Read More >

JAMIS Security and Compliance:

Cybersecurity Maturity Model Certification (CMMC)

The U.S. Department of Defense (DOD) recently updated the Cybersecurity Maturity Model Certification (CMMC) program with a version 2.0. The idea behind this initiative is to merge several cybersecurity control standards, including NIST SP 800-171, into a single, unified standard. The DOD will ultimately place CMMC requirements into its contracts, and the CMMC Accreditation Body (CMMC-AB) is the third-party entity that issues the accreditations to assessors.  Once CMMC 2.0 is codified through rulemaking, the Department will require companies to adhere to the revised CMMC framework according to requirements set forth in regulation.

JAMIS is actively incorporating the CMMC 2.0 framework as it becomes available into its JAMIS Cloud compliance and security posture.

Secure Code

With approximately 30 percent of all breaches occurring as a result of a vulnerability at the application layer, software purchasers are demanding more insight into the security of the software they are buying. CA Veracode Verified empowers JAMIS to demonstrate its commitment to creating secure software. Organizations that have their secure development practice validated, and their application accepted into the Standard Tier, have demonstrated that the following security gates have been implemented into their software development practice:

- Assesses first-party code with static analysis
- Documents that the application does not allow flaws in first-party code
- Provides developers with remediation guidance when new flaws are introduced

JAMIS Listing in the Veracode Verified Directory: https://www.veracode.com/verified/directory

Explainer Video on Veracode: View Video

NIST SP 800-171 (DFARS 252.204-7012)

The JAMIS Cloud Services Team has applied the required risk management framework including conducting the activities of security categorization, security control selection and implementation, security control assessment, system authorization, and security control monitoring, and has taken the necessary steps in meeting data security standards and regulations of NIST SP 800-171 and DFARS 252.204-7012 for our customers.

Defense contractors routinely process, store and transmit sensitive federal information to assist federal agencies in carrying out their core missions and business operations. Federal information is also shared with state and local governments, universities and independent research organizations.

To keep this information secure, Executive Order 13556 established the Controlled Unclassified Information (CUI) Program to standardize the way the executive branch handles unclassified information that requires protection, such as personally identifiable information.

JAMIS has performed all of the mandatory procedures to meet the requirements of the DFARS guidelines and meet or exceed the information security requirements established for Department of Defense (DoD) contractors.

SSAE-18 SOC 1 and SOC 2

SSAE (Statements on Standards for Attestation Engagements) SOC (Service Organization Control) reports were created by the AICPA (American Institute of Certified Public Accountants) in order to set compliance standards and keep pace with the rapid growth of cloud computing and businesses outsourcing their services to third-party providers.

The SSAE 18 SOC 1 report focuses on a service provider’s processes and controls that could impact their client’s internal control over their financial reporting (ICFR).  The SOC 2 is a separate report that focuses on controls at a service provider relevant to security, availability, processing integrity, confidentiality, and privacy of a system. It ensures that your data is kept private and secure while in storage and in transit and that it is available for you to access at any time.

The SOC 1 and SOC 2 reports come in two forms: Type I and Type II. Type I reports evaluate whether proper controls are in place at a specific point in time. Type II reports are done over a period of time to verify operational efficiency and effectiveness of the controls.

Multi-Factor Authentication

The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) will require that companies implement Multi-factor Authentication (MFA) to protect “controlled unclassified information” (CUI).  JAMIS Prime version 7.0 is the only GovCon ERP offering native Multi-Factor Authentication as a turnkey solution.  We think it’s essential that your organization take the necessary steps to keep your data safe and secure. With JAMIS, you only have to enable the feature, without the hassle of implementing a 3rd party tool.

facebook twitter youtube linkedin
Copyright © 2022 JAMIS Software Corporation. All rights reserved. Legal | Sitemap
JAMIS Headquarters | 4909 Murphy Canyon Rd., Suite 460, San Diego, CA 92123
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Reject
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT