Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

News & Articles

December 3, 2020 |

Kaseya Updates Compliance Tool to Assist with New CMMC Requirements

Kaseya Compliance Manager now helps MSPs and their clients perform the security self-assessments that defense contractors must complete as an interim step toward obtaining the government’s Cybersecurity Maturity Model Certification.

Kaseya has updated its compliance management tool for businesses subject to the federal government’s Cybersecurity Maturity Model Certification (CMMC) process.

The CMMC is designed to help contractors and subcontractors that serve the Department of Defense on weapons-related projects protect “controlled unclassified information” (CUI). Every member of the Defense Industrial Base, a collection of over 300,000 organizations that contribute to the design, development, production, delivery, and maintenance of weapon systems, subsystems, and components, will be required to obtain the CMMC and clear a third-party audit by October 1, 2025.

As an interim step that went into effect on Monday, those companies must now perform a self-assessment proving that they are correctly applying the 110 security controls defined in the government’s NIST SP 800-171 rule. The new release of Kaseya Compliance Manager for CMMC guides defense suppliers through that process, automatically scores their compliance using the DoD’s proprietary scoring rubric, and generates the System Security Plan that contractors are now required to upload to the Pentagon’s Supplier Performance Risk System.

“The impact of the DoD’s new interim ruling has sweeping consequences. Every contractor and subcontractor who does business with the DoD must perform the NIST (SP) 800-171 compliance assessment using the DoD’s scoring methodology if they want to continue doing work with 7019/7020 clauses,” said Max Pruger, general manager of Kaseya’s compliance practice, in prepared remarks. 

“Performing and documenting the required self-assessment is a tremendous undertaking that most SMBs are not equipped to do on their own. As such, MSPs have a unique opportunity to help these businesses perform their interim assessments, and prepare for their CMMC third-party audit at the same time. With Kaseya Compliance Manager for CMMC, MSPs can collaborate with their clients to manage the compliance process, offer remediation services for vulnerabilities found during the self-assessment, and provide evidence of compliance for the third-party auditor.”

When fully put into effect, CMMC will include five progressively more rigorous levels that suppliers must qualify for based on the specifics of their DoD contract. Kaseya partners can use Compliance Manager for CMMC to assess a customer’s readiness to complete the third-party auditing process for each of those levels. 

The product currently supports level 1 and 2 assessments. Support for level 3 assessments is set to arrive in the first quarter of 2021.

MSPs who serve clients with CUI will in some cases be required to obtain the CMMC themselves. According to Kaseya, such firms can use the new Compliance Manager for CMMC release to assess their own use of NIST SP 800-171 guidelines. 

“Kaseya Compliance Manager for CMMC is purpose-built to automate the rigorous cybersecurity assessment and documentation process outlined by the DoD so that SMBs and MSPs can proactively ready themselves to bid for these highly competitive contracts,” said Pruger in his prepared remarks.

In addition to CMMC, Compliance Manager offers modules for meeting HIPAA, GDPR, and cyber insurance policy requirements. A module for assessing compliance with standards in the NIST Cybersecurity Framework as well arrived early this year.

Editor’s Choice

Introducing ChannelPro’s Top 20 MSPs for 2024

June 18, 2024 |

These companies lead the way in building up the IT channel, as well as ensuring that their clients run thriving businesses.

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

AI-as-a-Service Takes Shape for 3 MSPs

June 4, 2024 |

AvTek Solutions, LAN Infotech, and PCH Technologies share how they are working with the new AI-as-a-Service platform in their day-to-day business.

Related News & Articles

Growing the MSP

Explore ChannelPro


Reach Our Audience