The Leading CMMC Compliance Solution

PreVeil’s 3 Part Solution for CMMC & DFARS Compliance

If you process Controlled Unclassified Information (CUI), you are currently required to meet NIST 800-171/ DFARS 7012. Protect your business from penalties and contract loss.

Email & Drive file collaboration protect CUI with end-to-end encryption. Meets FedRAMP, FIPS 140-2, and DFARS 7012 c-g.

All the templates, definitions and training videos for you to customize and fully document your program with PreVeil.

Support through your entire compliance journey- from prep to assessment- through our compliance team & network of CMMC consultants & auditors.

PreVeil is the first company to fully meet the stringent, updated DoD requirements for FedRAMP Moderate Equivalent. The DoD’s assessment entity, DIBCAC, alongside the CMMC Program Office, have established our Equivalency through an in-depth analysis of the Body of Evidence (BOE) we provided. We have 100% compliance with FedRAMP Moderate baseline controls and zero POA&Ms. Since FedRAMP is an essential requirement for CUI in the cloud, customers can be confident in their ability to be CMMC and DFARS compliant with PreVeil.

PreVeil Email and Drive are an encrypted cloud service to store and share CUI for NIST 800-171 and CMMC compliance. PreVeil significantly increases SPRS scores and is seamlessly integrated with an organization’s O365, Exchange or Google Workspace.

PreVeil’s File Sharing and Email platform enables contractors to protect CUI with end-to-end encryption and supports 102 out of 110 NIST 800-171 controls. Contractors can achieve Zero Trust security for CUI and demonstrate substantial compliance with DFARS 7012 and CMMC.

A detailed SSP is essential to demonstrate compliance. PreVeil provides a templated, self-service SSP that specifies how our platform- in conjunction with customer policies and procedures- supports 102 NIST 800-171 controls.

DFARS 7019 requires organizations to compute their NIST 800-171 compliance score and report it to the DoD’s SPRS database. By adopting our 3-part solution, this PreVeil customer increased their SPRS score by over 80 points.

In addition to NIST 800-171, PreVeil provides support for DFARS 7012 (c-g) Incident Reporting, meets FedRAMP Moderate Baseline Equivalent and uses FIPS 140-2 validated encryption modules to protect CUI.

Includes supporting compliance artifacts, a video series detailing the 14 NIST 800-171 control families, and commentary from an authorized C3PAO.

We provide 1×1 support through your entire compliance journey – from prep to assessment through our network of CMMC consultants and auditors.

Why Leading Defense Contractors Use PreVeil

Deploys in hours using your existing email addresses and integrates with Outlook, Gmail, and all their usual workflows.

Only users handling CUI require a low-cost, all-inclusive license.

Defense contractors using PreVeil have received perfect 110/110 scores in rigorous DoD Audits (DIBCAC High and JSVA).

A 300-employee defense contractor using PreVeil’s technology platform, documentation and 1×1 Compliance Support achieved a maximum 110/110 NIST 800-171 score in a rigorous audit conducted by C3PAOs under the Joint Surveillance Voluntary Assessment program (JSVA). The C3PAO intends to issue CMMC Level 2 Certifications once rule making establishes CMMC.

We’re leaps and bounds ahead of where we would have been if we hadn’t gone with PreVeil’s policies and procedures. I look at what we wrote before PreVeil and it was barebones; what PreVeil offered was much more detailed which is something I’m really happy with because when we deal with auditors, the more information we can share with them the better.

Kelly Smith

Director of Business Administration MEC2

If you process Controlled Unclassified Information (CUI), you are currently required to meet NIST 800-171/DFARS 7012. Protect your business from penalties and contract loss.

Get to Know the PreVeil Platform

Encrypt, store and share files, on any device. Works with Windows Explorer, Mac Finder and on browsers.

Send and receive end-to-end encrypted emails using your existing email address from Outlook, Gmail, Apple Mail, PreVeil’s app or your browser.

PreVeil comes with encrypted storage for your email and files containing CUI. All data is automatically stored on Amazon’s FedRAMP High GovCloud.

PreVeil implements NSA-recommended Zero Trust security and assumes a breach is inevitable. We secure all data using end-to-end encryption, making it useless to hackers. Information is only ever encrypted and decrypted on a user’s device -never on the server. It can also be recovered from a Ransomware attack. Organizations can restrict the flow of CUI to their trusted partners and suppliers.

CMMC Compliance FAQs

PreVeil’s Email Gateway offers its customers a communication channel that enables them to seamlessly send and receive email with Primes or .mil personnel that are restricted from creating a free PreVeil account. Please reach out to PreVeil for more information.

You can continue to use platforms like Commercial O365 and Gmail but they must be separated from your compliance boundary and not handle CUI.

Under CMMC 2.0, requirements for the new Level 2 (Advanced)—the level comparable to the old CMMC Level 3—will be in complete alignment with NIST SP 800-171 security controls.

PreVeil is also an ideal tool for collaborating with suppliers. Contractors can set granular permissions such as read only or view only to maintain control and visibility over their data. They can revoke access anytime by unsharing. PreVeil can be downloaded for free by subcontractors. Primes can be assured their supply chain is compliant and secure.

Yes, PreVeil can be used to manage ITAR data.

In PreVeil, data is secured using end-to-end encryption and FIPS 140-2 algorithms. Cloud service providers can never access the decryption keys since private keys are stored on the user device. We also store all ITAR data in AWS GovCloud datacenters, enabling easy compliance with data residency requirements.