"We did," Elena said. "And for the first time, I’m not dreading the next audit cycle. The system is actually mature."
Dr. Aris spent the morning probing the network. He requested logs for a specific file transfer involving CUI that occurred three months ago.
“But we’re upgrading to the CMMC module,” she added, sliding a project plan across the desk. “And you’re the owner of control AU.L2-3.3.6. Congratulations. You now have a weekly calendar invite to review login failures, file hash mismatches, and admin privilege escalations.” "We did," Elena said
It was the day of the mock audit. AeroSync had deployed GlobalSCAPE EFT in a locked-down configuration. Elena sat with an external consultant, Dr. Aris, who was simulating a CMMC assessor.
Marcus nodded. "We have a shortlist. But given our need for strict Access Control (NIST 3.1) and Audit Logging (NIST 3.3), I want to take a hard look at GlobalSCAPE. Specifically, their Enhanced File Transfer (EFT) platform." Aris spent the morning probing the network
"Native support," Marcus confirmed. "We can plug in an MFA provider easily. No custom scripting required. That checks a big box for Control 3.5.3."
Mara nodded. That was the baseline.
Mara’s jaw tightened. “So, a gap.”