PreVeil for International Suppliers Seeking CMMC, DFARS, and ITAR  Compliance

PreVeil offers an exceptional solution for international suppliers involved in the US Defense  Supply Chain, helping them meet complex compliance requirements such as DFARS, ITAR,  and the upcoming CMMC standards. By integrating seamlessly with existing IT systems like  O365, on-premise, and GSuite, PreVeil enables organizations to achieve compliance while  protecting sensitive Controlled Unclassified Information (CUI) with the highest level of  security and maintaining familiar usability.

International suppliers are key components of the US Defense Supply Chain, necessitating  adherence to stringent compliance regulations. These requirements, including DFARS, ITAR,  and CMMC, are particularly challenging for international partners due to conflicts with local  data security laws and unfamiliarity with US regulations.

• DFARS and CMMC: Require CUI to be stored and shared per the 110 Controls of NIST 800- 171. Cloud services must meet FedRAMP Moderate Baseline Equivalent standards, and  encryption must be FIPS validated. 
• ITAR: Requires that data access, including on servers, be restricted to US persons. ITAR  120.54 allows for the use of end-to-end encrypted cloud services without needing US  sovereign storage, provided certain conditions are met, which PreVeil fulfills.

Compliance requirements often conflict with local mandates, making it difficult for  international suppliers to comply without significant changes to their IT environments.  Solutions like Microsoft GCCH and Google Assured Workloads require costly and complex  replacements of existing systems, which are often impractical and expensive.

PreVeil allows organizations to continue using their existing IT systems without any  changes, while adding end-to-end encrypted email and file storage capabilities. Key features  include: 

• Integration with Existing Systems: PreVeil integrates seamlessly with applications like  Outlook and Gmail, and file systems on PC, Mac, and Linux. 
• End-to-End Encryption: Ensures that emails and files are secure from creation to delivery,  meeting ITAR 120.54 requirements. 
• Ease of Use: Maintains familiar workflows and interfaces, minimizing the need for user  retraining. 
• Cost-Effective Compliance: Avoids the high costs associated with replacing existing  systems. Only users handling CUI need PreVeil licenses, and third parties can use PreVeil  Express licenses for free.

• FedRAMP Baseline Moderate Equivalent: Validated by the US Department of Defense’s  DIBCAC. 
• FIPS Validated Encryption: Ensures robust encryption standards. 
• End-to-End Encryption: Complies with ITAR 120.54 regulations. 
• Meets 103/110 NIST 800-171 Controls: Provides guidance on achieving full compliance.

PreVeil offers detailed compliance documentation, reducing the time and cost associated  with achieving compliance. This extensive documentation (over 200 pages) includes videos and tutorials, enabling organizations to either complete the process themselves or  significantly reduce consultant costs.

Multiple customers have achieved perfect scores in CMMC and DFARS assessments  conducted by authorized assessors and DIBCAC, demonstrating PreVeil’s effectiveness in  ensuring compliance.