Summary
This case study details the CMMC compliance efforts undertaken by Kearney & Company, a financial firm that provides services to federal agencies. The objective of the case study is to illustrate how Red River, a managed services provider, assisted Kearney in achieving compliance with the Cybersecurity Maturity Model Certification (CMMC). The CMMC is a tiered compliance framework managed by the Department of Defense, aimed at evaluating the maturity of an organization’s cybersecurity practices. Red River designed a solution utilizing AWS GovCloud and stackArmor to create a secure environment that meets CMMC requirements. The solution included building an enclave in AWS GovCloud, implementing physical access controls, and ensuring that all workloads handling Controlled Unclassified Information (CUI) were compliant. Additionally, the case study outlines the shared responsibility model for security between Kearney and AWS, highlighting the operational efficiencies gained through this partnership. The results demonstrate how Red River's expertise facilitated a smooth deployment of compliant cloud technology for Kearney.
