Defense High GCCH

Cybersecurity Triumph: eShare's Strategic Solutions for Transitioning to Microsoft's GCCH Environment and Achieving CMMC Compliance for Defense Industrial Base

A prominent player in the aerospace and defense industry, that stands as a testament to innovation and excellence. With a rich history spanning decades, the company has established itself as a leader in manufacturing cutting-edge aerospace technologies, catering to the rigorous demands of both commercial and military sectors. As part of the esteemed Defense Industrial Base, the company plays a pivotal role in supporting national security initiatives, driving advancements in aviation, and contributing to the nation's technological prowess. With a steadfast commitment to quality, safety, and technological advancement, the company continues to redefine the boundaries of aerospace engineering, shaping the future of flight for generations to come.

In order to meet its obligations with the Department of defense, the company must control access sensitive program data that is categorized as Controlled Unclassified Information (CUI) as part of its CMMC regulatory obligations. eShare enables secure external collaboration while keeping customer regulated data in a compliant space and governance of access to that data internally and externally.

From eShare's perspective, this partnership posed several challenges, which are outlined below:

Constraints & External Collaboration: Engineers were unable to email large files due to technical and regulatory constraints, necessitating the use of homegrown solutions or physical delivery methods like hard drives. Additionally, the company needed to collaborate with an extensive network of suppliers and share large files securely, which posed a challenge due to the aforementioned constraints. As a result, the existing methods of collaboration caused delays in the delivery of goods due to the time-consuming nature of transferring large files via homegrown solutions or physical means. Last, there was a need to ensure compliance with regulatory requirements while facilitating external collaboration, which added complexity to the process.

Validation & Controls: The company relied on a manual process to validate user access to data with Export Control or ITAR requirements. However, this manual process was error-prone and lacked active controls, potentially allowing unauthorized individuals to access regulated data. Additionally, the company did not have mechanisms in place to ensure that only individuals with the appropriate nationality, residency, and/or license could access regulated data, thus posing compliance risks.

Risks of Data Sharing: The company’s adoption of a single-tenant architecture for both US and non-US personnel within their M365 GCCH tenant posed a risk of unintentional data sharing with non-US engineers within the organization. So, there was a need to mitigate the risk of unintentional data sharing within the organization’s M365 GCCH tenant to ensure compliance and data security.

Transition from a non-Compliant Environment: The organization started migrating from a legacy, non-compliant environment used for their government program data, a process that poses challenges related to data compatibility, integrity, and security during the migration process. Subsequently, eShare must ensure that the chain of custody for the migrated data is maintained throughout the migration process, guaranteeing its integrity and reliability. Also, it needs to be ensured that access controls are effectively transferred and maintained during the migration toGCCH, preventing unauthorized access to sensitive government program data.

In light of these challenges, eShare has offered advisory services to the organization –the advisors guided the replacement of numerous point solutions- and embarked on a strategic initiative, tailoring specific solutions to address each challenge comprehensively:

External Collaboration: Understanding the challenges faced by their partner in collaborating with their extensive network of suppliers and sharing large data files efficiently, eShare stepped in to provide a solution. Recognizing the technical and regulatory constraints hindering engineers from simply emailing files, eShare facilitated swift external collaboration. Leveraging our expertise, we ensured seamless data sharing within moments while maintaining data integrity within our partner’s compliant GCCH tenant. This intervention not only mitigated risks for the organization but also significantly shortened the timeline for collaboration and delivery of goods. With eShare's support, the organization could now collaborate with suppliers more effectively, streamlining operations and enhancing overall efficiency.

Export Control Governance: Recognizing the challenges faced by the organization in ensuring compliance with Export Control or ITAR requirements for sensitive data, eShare intervened with a tailored solution. Understanding the limitations of the manual validation process, which was error-prone and lacked active controls, eShare developed an attribute-based governance module for external sharing. This innovative solution introduced active controls to ensure that only individuals with the appropriate nationality, residency, and/or license could access regulated data. Through this intervention, eShare enabled the organization to effectively manage access to sensitive data, minimizing the risk of unauthorized access and ensuring stringent compliance with regulatory requirements.

Internal Governance: To mitigate the risks associated with the organization's adoption of a single-tenant architecture, eShare developed the Advanced Collaboration Governance solution. This proactive solution continuously monitors and safeguards against oversharing, ensuring that sensitive data remains protected and that the organization's data-sharing practices comply with stringent security standards.

Advisory Services & MSSP Offering: eShare has played a crucial role in supporting the organization’s transition to Microsoft 365 by offering comprehensive advisory services. These advisors guided the partner in replacing numerous point solutions and adopting a Microsoft First strategy, ensuring a Zero Trust architecture to protect their assets in the new environment. Additionally, understanding the complexities of data protection, eShare provided Managed Security Service Provider (MSSP) services. This includes managing both the eShare collaboration and governance platform, as well as the Microsoft Purview line of products, thereby ensuring robust data protection and governance for the organization.

With a workforce of 65,000 employees and contractors, the organization relies on eShare's expert guidance to securely exchange data, ensuring seamless and compliant collaboration.



eShare's unwavering commitment to secure collaboration ensures that your sensitive data remains safeguarded, empowering your organization to thrive in a digital landscape fraught with risks!

Secure Today, Thrive Tomorrow: Safeguard your data and propel your organization forward witheShare's trusted collaboration tools.

Contact Us