SECURITY
Related Posts
- JAMIS’ Customer, Cask Government Services; One of Only Four Authorized as a CMMC Third Party Assessor Organization (C3PAO) by the CMMC-AB
- JAMIS Customer Edwards Performance Solutions is the First Licensed Partner Publisher to Have Their Training Curriculum Accepted by the CMMC-AB
- JAMIS Harnesses Power of Cyber Security Experts to Form CMMC Readiness Group
Webinars
ERP Security, the CMMC, and Navigating the Modern Landscape
Watch On-Demand Video
JAMIS Provides Enterprise-Grade Data Protection Solutions for GovCon
JAMIS is committed to providing the most secure code on the market, and that is why we are happy to disclose how we take care of our code. In addition, JAMIS Prime is the first ERP in the GovCon space to deliver built-in multi-factor authentication, increasing your protections against cyber criminals.
JAMIS believes in ensuring our team is doing the right thing with the security of your data and delivering a world class solution. Part of this commitment means having an independent expert validate our Security and Compliance posture.
JAMIS Security and Compliance:
Cybersecurity Maturity Model Certification (CMMC)
At JAMIS Software Corporation, we recognize and are fully aware that the Department of Defense (DoD) is set to finalize Cybersecurity Maturity Model Certification (CMMC) compliance into law for select federal contractors, with its implementation likely occurring by the end of this year. Understanding the significant impact this may have on your business, we have been diligently working over the past few years to develop and refine options to support our clients through this transition. We are committed to providing solutions that align with your cybersecurity compliance needs and help you navigate the evolving regulatory landscape.
NIST SP 800-171 (DFARS 252.204-7012)
National Institute of Standards and Technology (NIST) Special Publication 800-171 governs the storage, use and control of Controlled Unclassified Information (CUI) in Non-Federal Information Systems and Organizations. These standards define how to safeguard and distribute material designated by the United States Government to be sensitive but not classified.
Under federal regulations, such as DFARS clause 252.204-7012, certain companies and agencies are required to assess and document their compliance against NIST SP 800-171. This requirement includes assessing how networks are configured and how all data is protected. Ask the JAMIS team about the solutions available to your organization if these standards apply to your business.
SSAE-18 SOC 1 Type II
SSAE (Statements on Standards for Attestation Engagements) SOC (Service Organization Control) reports were created by the AICPA (American Institute of Certified Public Accountants) in order to set compliance standards and keep pace with the rapid growth of cloud computing and businesses outsourcing their services to third-party providers.
The SSAE 18 SOC 1 report focuses on a service provider’s processes and controls that could impact their client’s internal control over their financial reporting (ICFR).
Multi-Factor Authentication
The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) will require that companies implement Multi-factor Authentication (MFA) to protect “controlled unclassified information” (CUI). JAMIS Prime version 7.0 is the only GovCon ERP offering native Multi-Factor Authentication as a turnkey solution. We think it’s essential that your organization take the necessary steps to keep your data safe and secure. With JAMIS, you only have to enable the feature, without the hassle of implementing a 3rd party tool.
Secure Code
With approximately 30 percent of all breaches occurring as a result of a vulnerability at the application layer, software purchasers are demanding more insight into the security of the software they are buying. CA Veracode Verified empowers JAMIS to demonstrate its commitment to creating secure software. Organizations that have their secure development practice validated, and their application accepted into the Standard Tier, have demonstrated that the following security gates have been implemented into their software development practice:
- Assesses first-party code with static analysis
- Documents that the application does not allow flaws in first-party code
- Provides developers with remediation guidance when new flaws are introduced
JAMIS Listing in the Veracode Verified Directory: https://www.veracode.com/verified/directory
Explainer Video on Veracode: View Video