• Rick Palermo

Why can't compliance be easy?

What if you could create an environment that met 75% of the security controls required to achieve NIST SP 800-171 compliance in ten minutes?  What if you could easily achieve the other 25% within a few days with minimal effort? What if it only cost you $1,000 a month? Ascolta’s Greenfield Workspace allows you to do all of these.

Seventy-five percent compliant at birth

Hosted in AWS US GovCloud, an Impact Level 5 DoD-approved cloud service provider, and utilizing modern DevOps tools and best practices, a Greenfield Workspace instantly meets 75% of the NIST security controls when it is created. How do we do it? DevOps: the ability to deliver applications and services quickly by unifying software development (the Dev) and software operation (the Ops) through automation and monitoring of software construction, from integration, testing, and releasing to deployment and infrastructure management.

The security controls of 800-171 fall into three main categories: technical, process and people. The majority are technical and can be automated through DevOps as the nodes are created in GovCloud. We establish the parameters that meet compliance and then build the environment to reflect those requirements. If it has a parameter, number, time, amount, restriction, etc., we apply the correct settings and voilà! Compliance!

Wizard the rest of the way

But what about the other twenty-five percent? I don’t want a program of actions and milestones (POAM) hanging over my head. Greenfield’s easy-to-follow onboarding wizard walks you through the remaining process- and personnel-related controls step by step. It’s a little more involved, but understandably so: training, account creation, policy acceptance, etc. are all things that take a little more effort, but we provide all the templates and policies to make it as painless and as quick as possible.


All this starting at $1,500 a month or, do the math, $18,000 a year. If you were to do it yourself or outsource it, you’d be looking at a minimum of $60,000 and months of work, not to mention the continuous monitoring costs to remain secure and compliant. Greenfield Workspace comes with Red Canary, the best managed security service provider on the market, providing endpoint monitoring for each of your nodes, ensuring you stay secure and compliant.

So, what do I get?

The Greenfield Workspace provides a single sign-on virtual environment where you can use standard Microsoft Office tools: Word, Excel and PowerPoint. The Workspace comes with ten seats (additional seats may be added for an additional fee per seat) and enough storage to meet most needs. You upload your encrypted controlled unclassified information (CUI) or have your government client log in and upload it for you, do your work, and encrypt and download the file to email to external sources, or again, have your government client log in and download it. The CUI remains protected in the Greenfield Workspace and you stay compliant. We provide all the documentation you need, including the Systems Security Plan (SSP), Program of Actions and Milestones (POAM), and policy templates.
