Skip to content

CMMC Level 3 Compliance Solution

Developed for Microsoft 365 GCC High and Azure Government

The Cybersecurity Maturity Model Certification (CMMC) was released in January of 2020 as the next stage in the Department of Defense's (DoD) efforts to secure the Defense Industrial Base (DIB) and its supply chain, as well as higher education or university-based research labs conducting research on behalf of the DoD. Many, if not most of the DIB and higher education institutions, will be required to meet Level 3 depending on the types of data they handle. Some high-level requirements for meeting CMMC Level 3 include, but are not limited to:

checkmark_redNIST 800-171 compliance plus 20 additional practices and 52 maturity processes

checkmark_redIncident Response (IR) using an approved SIEM solution

checkmark_redA resilient backup and restoration solution

checkmark_redSecuring the handling of CUI 

Summit 7 has served over 500 government contractors, manufacturers, and higher ed research facilities by helping them meet the requirements for DFARS 7012 compliance. Implementation of the Level 3 Solution includes, but is not limited to:

checkmark_redBaselining your Microsoft 365 GCC High tenant

checkmark_redConfiguring Identity Management in the Azure Active Directory

checkmark_redImplementing Microsoft 365 GCC High Exchange Online, Advanced Threat Protection (ATP) and Data Loss Prevention (DLP)

checkmark_redConfiguring AvePoint and Azure backup solutions to your on-premises, cloud, or hybrid environment

checkmark_redImplementing Azure Government Sentinel (SIEM)

checkmark_redConfiguring Microsoft Information Protection (MIP) in your tenant

For more information on CMMC Level 3 requirements, you can check out this page, or watch the video below by Scott Edwards.




2 Parade St NW
Huntsville, AL 35806


Contact Summit 7