The Business Owner's IT Podcast Ep. 77 - CMMC Explained for Business Owners: What’s Changing? скачать в хорошем качестве

The Business Owner's IT Podcast Ep. 77 - CMMC Explained for Business Owners: What’s Changing?

What does CMMC compliance really mean for business owners, and why should you care now? In this episode of The Business Owner’s IT Podcast, hosts Tony Gerasch and Ryan Carter break down the Cybersecurity Maturity Model Certification (CMMC) in plain English. They share real-world insight from their own journey toward CMMC alignment and explain how this evolving framework impacts businesses working with the Department of Defense (DoD) and other government entities. Whether you’re a manufacturer, contractor, MSP, or business owner handling sensitive data, this conversation walks through what’s changing, where the biggest challenges lie, and why waiting is no longer an option. In this episode, you’ll learn: ✅ What CMMC is and why it exists. ✅ How CMMC affects businesses and service providers. ✅ Why MSPs are choosing to align with CMMC, even when not required (yet). ✅ The hidden costs and operational changes most companies don’t anticipate. ✅ Physical security, access controls, logging, policies, and employee training requirements. ✅ Why “acceptable risk” is no longer acceptable. ✅ How to start closing your compliance gaps before it impacts your contracts. 💡 Tip of the Week: If your business needs to be CMMC compliant, start now. You can’t do this alone, and trying to will cost you more in the long run. ⏰ Chapters: 00:00 — Podcast Introduction 00:13 — Why We’re Pursuing CMMC Certification 00:55 — Why MSPs Matter in CMMC Compliance 01:19 — Are MSPs Required to Be CMMC Certified? 02:10 — What Does CMMC Stand For? 02:25 — Our Timeline for Becoming CMMC Certified 03:22 — Physical Security Requirements (Doors & Building Access) 05:21 — Software Tools and FedRAMP Requirements 06:23 — Why CMMC Services Cost More 06:45 — Employee Training and Access Restrictions 07:31 — MSP Access Risks and Security Controls 09:07 — Understanding the CMMC Gap Assessment 09:38 — What Is Split Tunneling? 10:25 — Logging, SIEM, and Log Retention Requirements 11:30 — Testing Incident Response Readiness 12:35 — NIST Rules on Device Naming 13:23 — Password Policies and MFA Requirements 14:10 — The CMMC Certification Process 14:47 — Helping Businesses Become CMMC Compliant 15:46 — Why Legacy Systems Are a Compliance Risk 16:45 — FIPS Encryption and Hardware Requirements 17:37 — Why CMMC Is Changing the Industry 19:02 — Final Thoughts on CMMC 19:41 — Tip of the Week: Start Preparing Now 20:53 — Tip of the Week #2: Policies Must Be Followed 22:25 — Closing Thoughts If you’re feeling overwhelmed, you’re not alone. Tony and Ryan explain why working with experienced coaches and proven frameworks is the smartest path forward, and how doing it right can actually strengthen your overall security posture. 👇 Join the conversation Have questions about CMMC or compliance frameworks? Drop them in the comments; we’re happy to help. #cmmc #cmmccompliance #cybersecurity 💻 Since 1997, Unique Computing Solutions has been providing businesses with the IT support and IT solutions they need to streamline communications, boost productivity, and increase profitability. Website: https://uniquecomputingsolutions.com/ LinkedIn:   / unique-computing-solutions   Facebook:   / uniquecomputingsolutions   YouTube:    / @uniquecomputingsolutions   Twitter:   / qputing   Instagram:   / qputing   Twitter:   / qputing   Instagram:   / qputing   TikTok:   / uniquecomputingsolutions   Spotify: https://open.spotify.com/show/3ysyf6N... Apple Podcasts: https://podcasts.apple.com/us/podcast...