Kristen Smith
Amazon Web Services has achieved Cybersecurity Maturity Model Certification Level 2 certification for its Controlled Working Environment.
CWE was built to support Department of Defense and federal government operations through the management of sensitive data, including federal contract information, controlled unclassified information and International Traffic in Arms Regulations data, in compliance with Defense Federal Acquisition Regulation Supplement, the National Institute of Standards and Technology Special Publication 800-171 revision 2 and CMMC Level 2 requirements.
C3PAO Assessment
Cybersecurity advisory firm Coalfire assessed CWE’s CMMC Level 2 compliance as a certified CMMC third-party assessment organization and registered provider organization.
The CMMC Level 2 certification is awarded to entities that implement 110 security requirements outlined in NIST SP 800-171 Revision 2. According to AWS, Coalfire Federal’s assessment team gave AWS a perfect 110 score.
The certification is valid for three years, with follow-up assessments to be conducted annually to maintain the compliance status.
While upholding CMMC Level 2 certification requirements, AWS is implementing additional security controls and processes to achieve CMMC Level 3 certification and enhance the company’s ability to protect advanced DOD programs.
