Evaluate The Security Software Company Globalscape | On Cmmc Compliance

“Let’s walk the 110 controls,” Priya said. “Good news first: For AC.L2-3.1.1 (authorized access) and SC.L2-3.13.11 (FIPS-validated cryptography), we’re solid. Our OpenPGP standard and AES-256 are FIPS 140-2 validated. Your data in transit is safe from the Chinese cyber actors you’re worried about.”

A skeptical CISO must evaluate a legacy secure file transfer vendor, Globalscape, to determine if its tools can survive the unforgiving lens of CMMC Level 2 compliance.

But Mara knew the DoD’s new rule: No CMMC, no contracts. “Let’s walk the 110 controls,” Priya said

Tom’s smile faded. “That’s not engineering.”

Priya didn’t flinch. She shared her screen. Your data in transit is safe from the

Mara Chen, CISO of Defense Kinetic Solutions , stared at the clock on her laptop. 11:47 PM. Her third cup of cold brew sat beside a stack of printed SSPs (System Security Plans). In six weeks, her company would face its first Joint Surveillance Voluntary Assessment (JSVA) for CMMC Level 2.

Mara nodded. That was the baseline.

Bottom line: Globalscape EFT, when configured with the v8.4 CMMC module and integrated with our SIEM, meets 92 of 110 CMMC Level 2 controls out of the box. The remaining 18 controls (primarily in Awareness & Training and Risk Assessment) are organizational responsibilities. Recommendation: Approve for use within the Controlled Unclassified Information (CUI) environment, contingent on implementing the attached Configuration and Governance Gap Closure Plan.