DFARS compliance is mandatory for all DoD contractors by December 31, 2017. DFARS clause 252.204-7008 addresses requirements for safeguarding covered defense information controls in government contractor systems. Covered defense information is a broad term for Controlled Unclassified Information (CUI), which has protection and dissemination requirements. This kind of data is common among DoD contractors and this requirement applies to all contractors regardless of their size. These mandatory controls are detailed in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171: Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.
There are 109 controls in the NIST Special Publication and 19 of them pertain to data storage, data management, data sanitization, encryption, key management, access control, and audit accountability. The SDP2 platform delivers high performance shared storage with FIPS 140-2 Certified key orchestration and data encryption. SDP2 is a drop in solution you can use to host any virtualized infrastructure, application or file shares without a change to your current workflow. For a detailed list of controls, and to see how SDP2 satisfies the control, review the list below.