CMMC Compliance Workshop Wednesday: What Is Control Inheritance and Why Does It Matter in CMMC?
There was a moment during our CMMC Level 2 journey when something that sounded simple turned out to be anything but. It came up in conversations with vendors, reviewers, and even internally as we mapped controls and evidence: “Can’t we just inherit that?” On paper, inheritance sounds like a shortcut. In reality, it is a […]
CMMC Compliance Workshop Wednesday: How Shared Responsibility Changes the CMMC Journey, and What Happens When It’s Missing
Over the past several weeks, we’ve been walking through what our CMMC Level 2 achievement really means: not as a badge, but as a lived experience. We’ve talked about why this matters for our customers, how roles and people (not tools) make compliance work, the practical wins that come from disciplined processes, and the lessons […]
CMMC Compliance Workshop Wednesday: Why a CMMC Level 2 Certified MSP Matters for Customers
When we finished our own CMMC Level 2 effort earlier this year, customers started asking a question that gets to the heart of why we do what we do: “What does it actually mean for us that our MSP is CMMC Level 2 certified?” You’ve read about how we scoped the work, built the documentation, […]
CMMC Compliance Workshop Wednesday: Lessons Learned from our CMMC Level 2 Journey
In the previous installments of Compliance Workshop Wednesday, we shared what our CMMC Level 2 effort looked like behind the scenes, highlighted the roles that made the work sustainable, and outlined the practical outcomes that came from treating compliance as an operating discipline instead of a one‑time event. This week, we want to focus on […]
CMMC Compliance Workshop Wednesday: Practical Outcomes & Organizational Wins
In the first two installments of this series, we pulled back the curtain on what a CMMC Level 2 assessment really looks like from the inside and highlighted the roles that made the effort sustainable. We talked about the scoping decisions, the documentation lift, the technical nuance, and the people who carried the work forward […]
CMMC Compliance Workshop Wednesday: Team Spotlight
The Roles That Made It Happen Last week, in the first installment of Compliance Workshop Wednesday, we talked about what our CMMC Level 2 journey looked like behind the scenes. The scoping. The documentation. The technical work that had to come together long before an assessor ever stepped in. This week, we want to focus […]
CMMC Compliance Workshop Wednesday: Behind the Scenes & Process Insights
We finished our CMMC Level 2 assessment earlier this year, and many people have asked what the process looked like from the inside. This seemed like a good time to share how we approached it at Hill Tech Solutions and what the journey really felt like. We are using this to kickstart “Compliance Workshop Wednesday” providing weekly insights into the process and continual nurturing required for […]
More than Checking Boxes: Hill Tech Achieves CMMC Level 2 C3PAO Certification
Hill Tech Solutions is extremely proud to announce that we’ve achieved CMMC Level 2 C3PAO Certification, the culmination of multiple years of hard work by the entire team. You probably know by now that CMMC refers to the Cybersecurity Maturity Model Certification, a standard required for all DoD contractors handling certain types of sensitive information, […]
What to Do If You’re Not Ready for November’s CMMC Deadline
Beginning on November 10th, cybersecurity compliance through CMMC is no longer optional. However, at least one survey reports that nearly half of all affected organizations claim they’re not prepared despite a multi-year run-up to this point. Here’s a closer look, and what to do if you’re one of those unready contractors: What Changes in November? […]
Lean Enclaves: A Less-Disruptive Path to CMMC Compliance
As the CMMC framework becomes the law of the land for all organizations handling federal contract information (FCI) and/or controlled unclassified information (CUI), many contractors are still trying to get their virtual arms around things like timelines to compliance and costs. Perhaps most importantly, many are grappling with how to get from Point A (current […]
