Skip to content

CMMC Level 2 Compliance Solution

Built On Microsoft 365 GCC High and Azure Government

CMMC 2.0  (Cybersecurity Maturity Model Certification) is applicable to organizations supporting the Department of Defense that handle or process the following types of data:


Many, if not most of the DIB and higher education institutions will be required to meet CMMC 2.0 Level 2. Some high-level requirements and updates for CMMC Level 2 include, but are not limited to:

checkmark_redMeeting NIST 800-171 controls (requirement)

checkmark_redPOAMS will be strictly enforced within 180 days

checkmark_red 3rd Party Audits for all OSCs for CMMC L2

checkmark_redSecuring the handling of CUI (requirement)

Summit 7 has served over 650 government contractors, manufacturers, and higher ed research facilities by helping them meet the requirements for DFARS 7012, NIST 800-171, and CMMC compliance.

Implementation of the CMMC 2.0 Level 2 Solution can include, but is not limited to:

checkmark_redBaselining your Microsoft 365 GCC or GCC High tenant

checkmark_redConfiguring Microsoft Security products to meet NIST 800-171 requirements

checkmark_redSecuring corporate devices with Microsoft Intune

checkmark_redConfiguring Identity Management and MFA in Azure Active Directory 

checkmark_redImplementing Microsoft Purview Information Protection (MPIP)

checkmark_redMicrosoft Defender for data protection

Should my business spend money before CMMC 2.0 rules are established?


For more information on CMMC 2.0 updates, watch this video from Summit 7 Chief Security Evangelist, Jacob Horne. You can subscribe to the S7 YouTube channel to stay updated on all things CMMC 2.0.



2 Parade St NW
Huntsville, AL 35806


Let's Get Started

MicrosoftTeams-image (53)