PreVeil vs. GCC High

Sign up for a demo

We Provide The Essential Elements to Simplify Compliance:

A Cloud Platform to Secure, Store & Share CUI

PreVeil’s Email and Drive platform enable an organization to encrypt, store and share CUI in compliance with CMMC Level 2, DFARS 252.204-7012, NIST 800-171 and ITAR regulations.

Organizations can easily add PreVeil to their existing IT environments, dramatically reducing the time and expense required to achieve compliance.

A System Security Plan Template

PreVeil provides a detailed SSP to help organizations avoid the significant time, cost and complexity of developing the document from scratch.

Our SSP was created by leading CMMC-AB certified experts. It provides compliance language for the 80+ CMMC controls PreVeil supports. It also includes detailed policies and procedures to expedite an organization’s compliance journey.

Compliance Consulting

Most organizations will require compliance and IT expertise to meet the complex CMMC requirements. PreVeil’s network of 100s of CMMC-AB certified Provisional Assessors, Registered POs, MSPs and MSSPs can help your organization prepare for a successful audit.

Our CMMC whitepaper details the individual CMMC controls and how PreVeil helps address them.

 

Download our CMMC Whitepaper

PreVeil Gets Contractor to a Maximum NIST 800-171 Score


In 2021, a small defense contractor achieved a maximum NIST 800-171 score meeting 110 out of 110 controls in a rigorous DoD audit. The contractor used PreVeil to protect, store and share CUI. Under CMMC 2.0, the contractor would meet Level 2 certification requirements.
 
To learn more about how the contractor achieved this successful outcome, download our case study.

 

Read the Case Study

Get to Know the PreVeil Platform

PreVeil Drive

PreVeil Drive lets users encrypt, store and share their files containing CUI. Users can easily access these files from their computers or mobile devices and share them with suppliers and partners. Works with Windows Explorer, Mac Finder and on browsers.

 

Learn More About PreVeil Drive

PreVeil Email

PreVeil Email is an encrypted email service that addresses CMMC requirements for communication and storage of CUI. It adds an encrypted mailbox to Outlook and Gmail, letting you continue to use these accounts. Users can send and receive emails just like they are used to while continuing to use their existing email address.

 

Learn More About PreVeil Email

Zero Trust Security

PreVeil assumes a breach is inevitable or has already occurred. However, PreVeil protects CUI anyway.

PreVeil provides unrivaled security for protecting CUI. All user data is secured using end-to-end encryption, which means that the information is only ever encrypted and decrypted on a user’s device -never on the server. In addition, CUI cannot be accessed with stolen passwords nor by using a compromised administrator’s credentials. An organization can also restrict the flow of CUI to their trusted partners and suppliers.

 

Learn More About PreVeil Security

CMMC compliance FAQs

How can I communicate securely with my upstream military agencies or Primes who do not have PreVeil?

PreVeil’s Email Gateway offers its customers a communication channel that enables them to seamlessly send and receive email with Primes or .mil personnel that are restricted from creating a free PreVeil account. Please reach out to PreVeil for more information.

Can I continue to use Commercial O365 or Gmail ifa I need to be CMMC compliant?

You can continue to use platforms like Commercial O365 and Gmail but they must be separated from your compliance boundary and not handle CUI.

How are CMMC Level 2 and NIST 800-171 related?

CMMC Level 2 is built on the foundation of the 110 controls in NIST 800-171. Organizations are expected to meet the requirements spelled out in NIST 800-171.

The DFARS Interim Rule, passed in late 2020, specifically tells companies that they are required to self-assess their current cybersecurity capabilities under NIST 800-171 and report their SPRS score to the DoD. Contractors will either indicate that they meet all 110 security controls or must have a Plan of Actions and Milestones (POAM) which indicates their plan to do so.

Can I use PreVeil to communicate with suppliers?

PreVeil is also an ideal tool for collaborating with suppliers. Contractors can set granular permissions such as read only or view only to maintain control and visibility over their data. They can revoke access anytime by unsharing. PreVeil can be downloaded for free by subcontractors. Primes can be assured their supply chain is compliant and secure.

Can I use PreVeil to manage ITAR data?

Yes, PreVeil can be used to manage ITAR data.

In PreVeil, data is secured using end-to-end encryption and FIPS 140-2 algorithms. Cloud service providers can never access the decryption keys since private keys are stored on the user device. We also store all ITAR data in AWS GovCloud datacenters, enabling easy compliance with data residency requirements.