Kimball Construction is a privately-held construction company based out of Baltimore, MD., providing new construction, building renovations and additions for Industrial, Commercial, Institutional and Government entities.
The president of Kimball, Lewis Kimball, was aware that in order to continue to service and sell into the Federal Government market, he would need to comply with DoD's new Cybersecurity Maturity Model Certification (CMMC.)
Steve Burkett, Kimball’s IT Director, was tasked with solving this challenge. Steve is the sole IT resource at Kimball, supporting roughly 45 employees between the office and field, not including laborers and contractors.
After investigating CMMC requirements – not just the process of getting certified but the need to maintain ongoing compliance – Steve realized immediately he would need to work with a third party, as they were basically starting from scratch.
After interviewing a variety of MSPs and cyber security consultants, Steve made the decision to partner with Ntiva based on a number of factors, including a fast response time and the accuracy and comprehensiveness of the proposal.
Additionally, Frank Smith, Ntiva’s security lead and CMMC expert, proved to have the depth of knowledge that made the Kimball team feel comfortable that Ntiva had the experience and track record not only in the cyber security arena, but specifically with CMMC.
In addition to working towards CMMC certification, Kimball will also be utilizing Ntiva’s expertise and security solutions on a monthly recurring basis, to ensure they remain compliant.
“It’s very hard, if not impossible, for a company with a small team to meet the ongoing requirements of CMMC compliance without using a third party who have the specialized tools, knowledge and systems,” said Steve.
Kimball Construction are now on the road to ensuring they pass their CMMC audit, and recognize that beyond CMMC, making sure their security practice is in order should always be a top priority.
“It’s not just about being CMMC Level 3 compliant, it’s beneficial in general from an overall security standpoint,” said Steve.
That’s sound advice for any company in today’s environment where the risk and costs associated with cyber threats and attacks is simply to high to ignore, and hiring outside expertise is well worth the investment.