Oxalis Achieves CMMC Level 2 Certification

Strengthening Our Commitment to Defense and Regulated Industries

Oxalis is proud to announce we have achieved Cybersecurity Maturity Model Certification (CMMC) Level 2, a critical milestone that validates our ability to securely handle Controlled Unclassified Information (CUI) and positions us to deepen our support for the defense industrial base, MRO providers, and maritime operators.

This certification reinforces what our clients already know: Oxalis is built for highly regulated environments. It demonstrates our commitment to delivering technology solutions that meet the highest security standards while enabling the digital transformation our defense industrial base partners need to remain competitive and mission-ready.

“For nearly a decade, Oxalis has been committed to serving organizations where security and compliance aren’t optional—they’re mission-critical. Achieving CMMC Level 2 certification validates our security-first culture and opens new opportunities to support the defense industrial base. This isn’t just about expanding our market; it’s about proving we can be trusted with the sensitive information that keeps our nation secure.”

Jonathan Malanche, CEO

Oxalis

What is CMMC and Why Does it Matter

The Cybersecurity Maturity Model Certification (CMMC) is the DoD’s unified standard for implementing cybersecurity across the defense industrial base (DIB). Created to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI), CMMC ensures that all contractors and subcontractors handling DoD information maintain robust cybersecurity practices.

CMMC Level 2 represents an advanced security posture required for organizations that create, process, store, or transmit CUI. It encompasses 110 security controls aligned with NIST SP 800-171 Rev. 2, covering critical areas including: 

  • Access control and authentication 
  • Incident response and recovery 
  • System and communications protection 
  • Risk assessment and continuous monitoring 
  • Configuration management and media protection 

Achieving CMMC Level 2 certification requires a rigorous third-party assessment by a Certified Third-Party Assessment Organization (C3PAO). 

Understanding Controlled Unclassified Information (CUI)

Controlled Unclassified Information (CUI) is unclassified information that the U.S. government creates, possesses, or that an entity creates or possesses on behalf of the government, which requires safeguarding and dissemination controls. 

CUI is not classified information, but it still demands protection. It includes technical drawings, engineering specifications, operational reports, procurement data, and other sensitive materials shared between the DoD and its contractors. The DoD CUI Program standardizes how this information is marked, handled, and protected across the defense ecosystem. 

Achieving CMMC Level 2 compliance allows Oxalis to work directly with sensitive defense information, support system modernization efforts, and provide the deep technical integration our clients need, without compromising security or compliance. 

What This Means for Oxalis Clients

CMMC Level 2 certification expands Oxalis’ ability to serve the DIB in several critical ways:

  • Eligibility for DoD Contracts. Starting in late 2025, most DoD contracts involving CUI require full Level 2 certification from a third-party assessment. Oxalis’ certification ensures we can continue bidding on and supporting contracts that involve sensitive defense information. 
  • Deeper Integration with Mission-Critical Systems. Our certification enables us to work within or adjacent to DoD environments, supporting everything from ERP implementations and cloud migrations to IT modernization and digital transformation initiatives. 
  • Supply Chain Security. By achieving CMMC Level 2, Oxalis strengthens the overall security posture of the defense supply chain. Our clients can trust that their sensitive information is protected when working with us, reducing risk across their own compliance posture. 

Reinforcing our Goal in Providing Solutions Built for Highly-Regulated Environments

CMMC Level 2 certification is a natural extension of Oxalis’ core mission: helping government, defense, healthcare, and other highly regulated organizations modernize their operations without compromising security, speed, or compliance. 

From our partnerships with Atlassian (including FedRAMP and Atlassian Government Cloud) and IFS, to our proprietary solutions like YardOS, we design every engagement and product with the unique demands of regulated sectors in mind. Our team understands that in defense and government work, there’s no room for error; every system must be secure, auditable, and future-ready. 

“The defense industrial base faces evolving cyber threats every day. CMMC Level 2 isn’t a one-time achievement – it’s a commitment to continuous security improvement. Our team has embedded these controls into our DNA, from product development to client engagements. This certification gives our DIB partners confidence that when they work with Oxalis, they’re working with a team that takes security as seriously as they do.” 

Micah J. Waldstein, VP 

Oxalis

At Oxalis, we’ve spent years building deep expertise in highly regulated industries. We’ve supported various defense agencies, partnered with IFS to modernize naval MRO operations, and helped organizations across the defense industrial base navigate complex digital transformations. In every one of those engagements, trust is the foundation. 

CMMC Level 2 certification formalizes that trust at the system level. 

For our existing clients, it means they can bring Oxalis deeper into sensitive environments, knowing we have the certified security posture to operate there responsibly. For prospective clients evaluating technology partners for DoD work, it removes a critical barrier — Oxalis is now verified as a compliant organization capable of handling CUI within the defense supply chain.

Strategy, Meet Execution: Oxalis Earns Atlassian Enterprise Strategy & Planning Specialization

We’re thrilled to share some exciting news from the floor of Atlassian Team ’25: Oxalis has officially earned the Enterprise Strategy & Planning specialization (formerly known as Agile-at-Scale). This distinction recognizes our deep expertise in guiding complex organizations through large-scale Agile transformations—and we’re honored to be among the select partners entrusted with this designation.

We’re incredibly grateful to the Atlassian team for their partnership, trust, and continued investment in the Solutions Partner ecosystem. Being part of this community means more than just delivering solutions—it means helping customers unlock real, lasting change.

What the Specialization Means

To earn this specialization, partners must demonstrate real-world experience and proven outcomes in helping organizations scale agile practices using frameworks like SAFe, LeSS, Disciplined Agile, and more. It reflects not only our technical proficiency with tools like Jira Align and Jira Software, but also our broader capabilities in:

  • Advising on agile architecture and enterprise tooling
  • Aligning teams, leadership, and organizational goals
  • Accelerating delivery and improving predictability
  • Driving cultural change and agile adoption across the enterprise

This specialization is about more than process. It’s about strategy, leadership, and transformation.

Our Approach: Practical, People-Centered, and Proven

At Oxalis, we understand that no two organizations are alike. That’s why we don’t take a one-size-fits-all approach to agile at scale. We help our clients design and evolve the right framework for their unique context—whether that’s SAFe with Jira Align, a custom hybrid, or something in between. Our work is grounded in practical experience and guided by measurable outcomes.

From the California Department of Health Care Services (DHCS) to ARPA-H and the Gates Foundation, we’ve helped large, complex teams move from siloed efforts to enterprise-wide visibility and agility. We build long-term partnerships, provide coaching and training, and guide our clients every step of the way—from initial roadmap to steady-state optimization.

A Shared Vision with Atlassian

This milestone reflects the synergy between Oxalis and Atlassian’s vision for the future of work. As teams navigate increasing complexity, tighter timelines, and higher expectations, we believe enterprise agility is no longer optional—it’s essential. Atlassian’s suite of tools, including Jira Align, provides the foundation. Oxalis helps make it real.

We’re proud to stand alongside Atlassian at Team ’25, celebrating the innovation, passion, and momentum that this community brings to every challenge.

To our clients, our partners, and the Atlassian team—thank you. We’re just getting started.

Let’s continue building better ways of working, together.

The Why, What, and How of Agile at Scale

Ready to achieve your Agile at Scale transformation?

Breaking Barriers, Building Futures: The Women of Oxalis in Tech

Technology has long been considered a male-dominated field, but women have been shaping and driving innovation for decades—often without getting the recognition they deserve. At Oxalis, we know firsthand how essential women are to the tech industry. We’re not just here to take up space—we’re leading, problem-solving, and making a real impact.

This Women’s History Month, we’re taking a moment to celebrate the incredible women at Oxalis. More than just hiring talented women, we’re fostering an environment where they thrive, collaborate, and drive meaningful change. So, I sat down with five of our amazing teammates—Dee Self, Mary Sullivan, Victoria Côté, Sharon Liu, and Blanca Vazquez—to talk about their journeys in tech, the challenges they’ve faced, and what the future holds for women in this industry. Their insights are inspiring, real, and a testament to why the future of tech is brighter with more women at the table.

What sparked your interest in technology? Was there a specific moment or person who influenced your path?

Victoria“My interest in technology grew from my love of history and art, particularly in museums. These institutions must modernize to maintain interest and funding, often through technology. I would love to be part of those initiatives, helping preserve history while making it more accessible in new ways.”

Mary“Both of my parents worked in technology, so I was surrounded by it from a young age. Growing up in Silicon Valley, I was always drawn to innovation and new solutions. I knew I wanted to be part of shaping the future of tech.”

Dee“I didn’t initially consider myself interested in technology. It wasn’t until I noticed how much inefficiency and system issues were slowing down our sales team—and the lack of lasting solutions—that I realized something needed to change. Being a natural problem solver, I decided to step into the world of technology to bring efficiency and resolution to the challenges we faced.”

Sharon“I stumbled into tech consulting by chance after connecting with recruiters at a career fair. As I learned more about the industry, I became fascinated with solving clients’ challenges and finding technology-driven solutions to make their work easier.”

Blanca“Anu Bharadwaj, Atlassian’s president, has been a huge inspiration for me. She’s so enthusiastic about sharing updates, introducing new products, and offering valuable insights into the tech world. I admire her passion.”

What are some of the biggest challenges you’ve faced as a woman in tech, and how did you overcome them?

Victoria“I’m fairly new to the tech sector, but my biggest challenge so far has been balancing the need to learn on the fly with getting work done. I can get carried away in the discovery process, so I’ve had to learn when to pause and apply my knowledge.”

Mary“I sometimes find it difficult to be taken seriously as a young woman in tech. It’s easy to get overpowered by some of the ‘experts’ in this field, so I had to work hard to find my voice and confidence. I’ve learned to assert myself and not let others make me feel small.”

Dee“The industry where I began my career was undoubtedly male-dominated. Surprisingly, when I transitioned into technology at Nestlé, I experienced the opposite—I found myself surrounded by talented women and inspired by incredible female leaders. That shift showed me what’s possible when companies prioritize inclusivity.”

Sharon“One of the challenges I’ve faced is having the confidence to speak up, especially in technical discussions. Fortunately, Oxalis has built a culture that encourages open dialogue and values everyone’s input. I’ve become more comfortable asserting my ideas with more practice and the right environment.”

Blanca“Technology is always evolving, and staying current can be challenging. I’ve found that attending Atlassian webinars and keeping up with industry changes has been a great way to stay informed.”

What advice would you give young women considering a career in technology?

Victoria“Tech can be whatever you want it to be. It applies everywhere, in every industry. The knowledge and experience you gain in this field will take you far, no matter where your career leads.”

Mary“Be confident in yourself and know that your opinion is valuable, even if people make you feel small or overlooked.”

Dee“If you’re passionate about technology, go for it! Don’t let yourself get pigeonholed into tasks that others may assume are ‘better suited’ for a female. Speak up, advocate for yourself, and never hesitate to ask questions or share your ideas. And don’t wait to apply until you meet every qualification—believe in your potential and take the leap.”

Sharon“Stay curious and find a good mentor. Whether it’s learning a new tool, tackling a different approach, or navigating challenges, curiosity will help you grow. A good mentor can also be a game-changer, offering guidance and encouragement when you need it most.”

Blanca“Be curious, find your own voice, and don’t be afraid to try new things.”

What are you most proud of in your career so far?

Victoria“I’m proud of my resilience—continuing to move forward in my pursuit of a career that fulfills me both personally and professionally.”

Mary“I’m really proud of my transition from marketing into consulting. I didn’t have the traditional background for this role, but I stayed curious and worked hard to learn everything I could from my peers and mentors.”

Dee“Without a doubt, I’m most proud of the relationships and friendships I’ve built along the way. Seeing the growth in those I’ve had the privilege to lead, coach, or mentor is incredibly rewarding.”

Sharon“Leading a challenging migration project where I had to navigate timeline constraints, technical hurdles, and product limitations. Despite the obstacles, I built a strong relationship with the client and also mentored an Associate Consultant through her first project. Seeing her confidence grow was just as rewarding as the project’s success.”

Final Thoughts: Breaking Barriers & Building the Future

The women of Oxalis aren’t just thriving in tech—they’re shaping its future. They’ve navigated challenges, carved out space for themselves, and are paying it forward to the next generation.

At Oxalis, we believe that fostering an inclusive and supportive environment is essential to driving meaningful change in the industry. This Women’s Month, we celebrate the resilience, intelligence, and leadership of the women who make Oxalis—and the tech world—better every day.

To all the women in tech: Keep pushing boundaries. Keep speaking up. Keep innovating. The industry is better because of you.

Want to join a team that values diversity and innovation? We’re hiring!

Full Steam Ahead: Propelling Shipyards into the Digital Age with ShipyardOS

The U.S. shipbuilding and repair industry is at a crossroads. We’re facing stiff competition from around the globe, and it’s clear that the old ways of doing things just aren’t cutting it anymore. We need to embrace the digital age, not just by adopting shiny new technologies, but by fundamentally transforming how we use data to run our businesses.

That’s where ShipyardOS comes in. It’s not just another software solution; it’s a vision for a smarter, more connected, and more efficient shipyard. Think of it as the operating system for your entire operation, designed to harness the power of data and propel you ahead of the competition.

From Gut Feeling to Hard Data: Making Smarter Decisions, Faster

At its core, ShipyardOS is about empowering every person in your shipyard with the data they need to excel. Imagine a world where your estimators have real-time insights into past project performance, where your production teams can track progress in real-time, and where your executives have a bird’s-eye view of the entire operation, all fueled by data.

This isn’t some far-off dream; it’s achievable today. The technologies are mature, and the potential benefits are enormous. But it requires a shift in mindset — a move away from reactive IT towards a proactive, data-driven approach.

Building Blocks for a Digital Shipyard: The Tech Stack that Powers ShipyardOS

Building ShipyardOS starts with a solid technological foundation. Think of it as laying the groundwork for a digital shipyard. This involves:

  • Strong identity management: Making sure the right people have access to the right data at the right time.
  • Seamless data exchange: Breaking down data silos so information flows freely across departments.
  • Powerful analytics: Turning raw data into actionable insights that drive decision-making.
  • Smooth integration: Making it easy to add new technologies as your shipyard evolves.
  • Smart automation: Streamlining repetitive tasks and freeing up your team for more strategic work.

Setting Sail: Your Shipyard’s Digital Transformation Roadmap

We understand that every shipyard is at a different stage in its digital transformation journey. That’s why we’ve developed a maturity model to guide you. It helps you assess where you are today and chart a course towards a fully data-driven shipyard.

Take ship maintenance and repair, for example. The journey might start with digitizing work orders and production management. Then, you could integrate data across teams and stakeholders, build a common data platform, and eventually leverage predictive maintenance and even cutting-edge technologies like AR and robotics.

Rising Tides Lift All Boats: ShipyardOS and the Future of the Maritime Industry

ShipyardOS isn’t just about individual shipyards; it’s about transforming the entire maritime industry. Imagine a world where shipyards, suppliers, and the U.S. Navy all speak the same data language, collaborating seamlessly to build and maintain the ships that keep our nation strong.

The U.S. Navy, in particular, has a huge role to play. Their standardized work patterns offer a blueprint for industry-wide best practices. By working together, we can create a more efficient, innovative, and resilient maritime ecosystem.

Don’t Miss the Boat: ShipyardOS is Your Ticket to a Smarter Shipyard

ShipyardOS is a call to action for the maritime industry. It’s time to move beyond reactive IT and embrace a data-driven future. The tools and technologies are ready; what’s needed is the vision and commitment to make it happen.

ShipyardOS isn’t just about technology; it’s about transforming your business. It’s about empowering your people, streamlining your operations, and achieving sustainable success in the digital age. The future of shipbuilding is data-driven, and ShipyardOS is your roadmap to get there.

Unlock Your Shipyard’s Full Potential. 

Discover the power of data-driven shipbuilding with ShipyardOS.

Request a consultation today.

The Oxalis Cloud Migration Playbook: Your Atlassian Cloud Journey, Simplified

Migrating to the Atlassian Cloud? It’s a leap towards greater agility, scalability, and innovation. But, let’s face it – the process can be daunting. That’s why Oxalis, your trusted Atlassian Platinum Solution Partner, has crafted a comprehensive playbook to guide you through every step of your cloud migration journey.

Why You Need the Atlassian Cloud Migration Playbook

When Atlassian announced they were discontinuing Server edition products, we knew our clients needed a reliable roadmap to navigate their cloud migration. That’s where our playbook comes in. It’s your compass for a deliberate, secure, and efficient transition, whether you’re moving from Server, Data Center, or another cloud instance.

Inside Oxalis’ Cloud Migration Playbook: Your Step-by-Step Guide

We’ve designed this playbook for you, covering the entire migration process from meticulous pre-planning and thorough testing to flawless execution. No stone is left unturned, ensuring you have the tools and knowledge for a successful in-house migration. We understand that this can be a time-intensive process, and we’re here to make it as smooth as possible.

Our playbook is divided into four key stages:

  1. Planning: Laying the groundwork for a successful migration.
  2. Preparation: Getting your systems and data ready for the move.
  3. Migration: Executing the move with precision and confidence.
  4. Post-Migration: Optimizing your new cloud environment for maximum performance.

Each stage is packed with actionable tasks, expert insights, and considerations tailored to your unique needs. We aim to provide the guardrails you need to develop your own migration strategy, no matter how complex your setup.

Why Choose Oxalis as Your Cloud Migration Partner?

While our playbook equips you for an in-house migration, we know that sometimes you need a helping hand. That’s where Oxalis’ expertise shines. As Atlassian cloud migration advisors, we’ve guided countless organizations through successful transitions. We can create a tailored roadmap, execute the migration with speed and efficiency, and optimize your setup for maximum performance.

Don’t Go It Alone – Let Oxalis Be Your Guide

If you’re hitting roadblocks or simply want the peace of mind that comes with expert guidance, reach out to us. We’ll help you unlock the full potential of the Atlassian Cloud and make your migration a resounding success.

Ready to embark on your cloud migration journey?

Download your free copy of the Oxalis Atlassian Cloud Migration Playbook today and discover the path to a seamless transition.

Remember, with Oxalis, your Atlassian Cloud migration is not just a project, it’s a partnership.

Oxalis’ Proven Methodology: Your Atlassian Cloud Migration, Simplified

As your trusted Atlassian Cloud Migration advisors, we’ve distilled our extensive experience into a step-by-step eBook. Whether you’re transitioning from Server or Data Center, this guide covers every aspect of your journey.

Doubts about the Cloud Migration Playbook? Talk to us; we’re an Atlassian Platinum Solution Partner.

Debunking Atlassian Cloud Migration Myths: Separating Fact from Fiction

Cloud migration often comes with a whirlwind of myths and misconceptions. Let’s take a moment to clear the air and address some of the most common concerns head-on:

Myth #1: Cloud Security is Inferior to On-Premises Hosting

Reality: This is a misconception! Atlassian Cloud boasts robust security measures, including two-factor authentication, data encryption, and regular backups. Their dedicated security team works tirelessly to monitor and safeguard your data around the clock. You’re in good hands.

Myth #2: You Lose Control Over Your Data in the Cloud

Reality: Not at all! Atlassian Cloud puts you firmly in the driver’s seat. You retain complete control over your data, with granular tools to manage user access and permissions. Your data is yours, and you decide who sees what.

Myth #3: Cloud Migration is Overly Complex

Reality: While any migration requires careful planning, Atlassian has your back. They offer comprehensive documentation, resources, and expert partners (like Oxalis!) to guide you through the process, ensuring a smooth and successful transition.

Myth #4: Cloud Sacrifices Customization and Flexibility

Reality: Think again! Atlassian Cloud is surprisingly customizable. You can tailor applications and data to your specific needs, and the cloud’s inherent scalability means you can easily adapt as your business evolves.

The Truth About Atlassian Cloud

In reality, the Atlassian Cloud offers a compelling mix of benefits:

  • Enhanced Security: Robust safeguards to protect your valuable data.
  • Scalability: Effortlessly expand or contract resources to match your needs.
  • Cost Savings: Reduce upfront infrastructure costs and ongoing maintenance.
  • Customization: Tailor the platform to fit your unique workflows and processes.

By dispelling these myths and embracing the reality of Atlassian Cloud’s advantages, you’re opening the door to a more efficient, secure, and flexible way to manage your work.

Embrace the Cloud: Atlassian’s Advantages Unleashed

Moving to the Atlassian Cloud isn’t just about keeping up with technology; it’s about unlocking a new realm of possibilities for your organization. Here’s what you gain when you make the leap:

Unleash Your Potential with Scalability: Say goodbye to the limitations of on-premises infrastructure. Atlassian Cloud flexes to fit your needs, effortlessly scaling up or down as your team and projects grow.

Fortress-Like Security: Your data’s safety is paramount. Atlassian Cloud boasts state-of-the-art security measures,including two-factor authentication, encryption, and regular backups, all meticulously monitored by a dedicated security team. Rest easy knowing your information is protected.

Cost-Efficiency, Unleashed: Ditch the expensive hardware and the IT headaches that come with it. Atlassian Cloud eliminates upfront costs and ongoing maintenance, freeing up your budget for more strategic initiatives.

Stay Ahead of the Curve: Innovation is the name of the game. Atlassian Cloud continuously rolls out new features and enhancements, keeping you at the forefront of technology without the hassle of manual upgrades.

Collaboration, Reimagined: Work as one cohesive unit, no matter where your team members are located. Real-time editing, comments, and notifications fuel seamless collaboration, boosting productivity and fostering innovation.

Work from Anywhere, Anytime: Atlassian Cloud is your virtual office. Access your tools from any device, whether it’s a desktop, laptop, tablet, or smartphone. Your work goes where you go.

The Bottom Line: Your Atlassian Cloud Advantage

The Atlassian Cloud isn’t just a platform; it’s a catalyst for growth, collaboration, and efficiency. By embracing its benefits, you’ll empower your teams, streamline processes, and drive innovation like never before. Ready to explore how the Atlassian Cloud can transform your organization? Reach out to an Atlassian Solution Partner like Oxalis for expert guidance and support.

The Oxalis Advantage: Your Atlassian Experts

Navigating the Atlassian ecosystem can be complex. That’s why partnering with an Atlassian Solution Partner like Oxalis is crucial. Our seasoned experts provide tailored solutions to maximize your Atlassian investment, whether it’s implementation, customization, training, or ongoing support. We’re your dedicated co-pilots, ensuring your Atlassian journey is smooth, successful, and aligned with your unique goals.

Unlock the Full Power of Atlassian with Oxalis’ Expert Services

Your Atlassian tools are powerful, but are you maximizing their potential? Oxalis’ suite of Atlassian services empowers your organization to streamline processes, boost productivity, and achieve your business objectives. Here’s how we can help:

Seamless Atlassian Cloud Migration: Transitioning to the cloud can be complex, but not with Oxalis by your side. We’ll guide you through every step, ensuring a smooth, secure, and efficient migration from Server or Data Center to the Atlassian Cloud.

Empower Your Teams with Tailored Training: Whether you’re new to Atlassian or looking to upskill your team, our training programs are designed to meet your specific needs. From on-demand courses to live, interactive sessions, we’ll equip your team with the knowledge they need to thrive.

Expert Consulting, Tailored to You: Every organization is unique. That’s why our Atlassian consultants take a personalized approach, crafting solutions that align with your specific goals and challenges. We’ll help you optimize your tools, customize workflows, and achieve greater efficiency.

Proactive Managed Services for Peace of Mind: Don’t let technical issues slow you down. Our managed services provide ongoing support, troubleshooting, and expert guidance, ensuring your Atlassian tools run smoothly and your team stays productive.

Your Success is Our Priority

Oxalis is more than just a service provider; we’re your dedicated Atlassian partner. We’re committed to helping you maximize your investment in Atlassian tools and achieve your business goals. Let us help you unlock the full potential of your Atlassian ecosystem.

Recommended blog posts

Jira Service Management vs Zendesk: What’s Best?

Things you’ll learn

Jira vs Zendesk? Did you know that over 25,000 extraordinary companies like AirBnB and Spotify to news organizations such as the Daily Telegraph are all on the Jira Service Management platform?

Simply put, when it comes to Jira Service Management vs. Zendesk, Service Management is a dominant force!

As always, if you’d like to compare Jira Service Management vs. Zendesk and other platforms like Freshdesk and more, please schedule a free consultation below, or learn more about our Jira consulting services. Want to learn more about Jira Vs Zendesk?

Comparison Overview

Jira Service Management and Zendesk are two of the clear leaders in the customer service management space. Both of these tools offer request tracking, interaction between customers and agents, reporting, customizability and are scalable for most organizations. 

One of the clear and most obvious differentiators between these two tools is the pricing structure. Where Jira Service Management includes all of their best-in-class features in their Standard offering, the Zendesk Suite has a more tiered pricing model, with limited features at the lower levels.

Jira Service Management Overview

When it comes to licensing Jira Service Management, you have two main options; Cloud and Data Center. This guide will focus on both Jira Service Management offerings. Jira Service Management is a SaaS-based enterprise-grade Service Management solution that scales way beyond standard Zendesk and Freshdesk platforms.  Like all Software as a Service (SaaS) based platforms Jira Service Management is licensed via a subscription model and is hosted and supported by Atlassian, with no additional hosting expenses to consider. However, for those companies that have high-security needs, or specialized performance needs, there is a self-hosted option that can be attractive to certain organizations such as those in Aerospace, Defense and Healthcare. Send us a message.

Jira Service Management can support both internal and external customer business models and is an ideal fit for companies with leaner Help Desk or Service teams that desire to focus their attention on efficiency, process improvement, and traceability. Jira Service Management accomplishes this and adjusts to businesses as their use cases, needs, and teams change.

The Jira Service Management software runs on the base Atlassian Jira core framework and architecture. Service Management is modeled after a plugin architecture that is individually licensed. As a subscriber or buyer of this solution, you essentially obtain the core Jira framework along with Service Management. However, Agile project management, SCRUM boards, and other Jira features are not enabled and you will need to license Jira Software independently of Jira Service Management in order to obtain traditional Scrum and Project Management features.

Features We Love Within Jira Service Management

  1. Issue Types & Request Types: Out-of-the-box configuration of best practice issue and request types to get your team and customers on the same page. Update based on your specific use case if necessary.
  2. Queues: Focused, flexible, customizable list views of the most important requests for your teams to work on.
  3. Workflow & Approval: Easily build off of Jira’s default ITSM workflow to build in automated approval or customer-facing transitions.
  4. Field Configurations: Hide, show and prepopulate various different types of custom fields to ensure your agents are getting the right information from customers.
  5. Service Level Agreements (SLAs): Track your team’s response time, resolution statistics and more with custom SLAs and reports.
  6. Customer Portal: Receive requests via email or direct your customers to a customized, external portal where they can submit, comment on and track all of their requests.
  7. Knowledge Base Integration: Jira Service Management seamlessly integrates with Atlassian’s core document collaboration solution, Confluence, to suggest documentation to customers and agents, and allow agents to quickly document new processes directly from Jira.
  8. Marketplace Extensibility: There are nearly 1,000 compatible Apps to extend Jira Service Management to fit any use case.

Zendesk Overview

In 2021, Zendesk announced their new, revised, Zendesk Suite, combining their different service offerings into one major offering. The Zendesk Suite combines their Support, Talk, Chat and Guide products into one tool for service teams. This is what they refer to as an omnichannel solution, as an integrated customer service platform. Zendesk is strongly focused on the customer experience offering in their support products, pulling in requests from various channels, such as email, phone, social, and more. 

Price Comparison

At the lowest plan and user tier, Zendesk is $1 per agent per month cheaper than Jira Service Management, but unlike Zendesk, JSM offers a tiered pricing structure, reducing the cost per agent as you scale up to increased agent counts.

Jira Service Management Pricing Structure

PlanDescriptionPrice
StandardUnlimited support projects, with customer portals, SLAs, reports, configurable requests and workflows.1-3 $20 Flat, 4-15 $20/agent, 100 $15.75/agent, 250 $12.30/agent, 1,000 $6.83/agent, 5,000 $5.37/agent
PremiumIncludes asset and configuration management, as well as incident management and global automation. Also includes Sandbox environment.1-15 $45/agent, 100 $39.90/agent, 250 $31.56/agent, 1000 $17.64/agent, 5000 $11.33/agent
EnterpriseUnlimited number of sites and includes Atlassian Access for SSO.Contact us
*Enterprise Plan is only available as an annual subscription.

Zendesk Pricing Structure

PlanDescriptionPrice
Support TeamIncludes basic support features.$19/agent/month
Support ProfessionalIncludes CSAT surveys and SLAs.$49/agent/month
Support EnterpriseIncludes multiple ticket forms, custom permissions and a Sandbox.$99/agent/month
Suite TeamIncludes all basic features, limited to a single help center.$49/agent/month
Suite GrowthIncludes multiple help centers and a self-service portal.$79/agent/month
Suite ProfessionalIncludes SLA management and custom reports.$99/agent/month
Suite EnterpriseIncludes a Sandbox environment.$150/agent/month

Next Steps: Jira Vs Zendesk?

Thinking Jira Service Management might be a good fit for your service organization, but not entirely convinced? Our team of experts can help you evaluate Jira Service Management, Zendesk and more. Learn more about our Jira consulting services. If you have any doubts or questions, feel free to send us a message.

Recommended blog posts

Contact us

Unlock the full capabilities of Jira Service Management by partnering with an Atlassian ITSM expert like Oxalis. Elevate your IT service experience through enhanced efficiency and optimization.

Jira Buyer’s Version Comparison Guide: Which Do I Need? | Jira pricing, features and more.

This Jira Comparison Guide will explain the cost and features of each Jira product, and provide guidance on choosing the Cloud vs. Data Center versions. With all the available information, it can be hard to compare all the Jira pricing, factors, and what they can do for your business. Our Jira Comparison Guide aims to distill the most important information into one place.

For example, Atlassian has separate pages for the three main products, Jira Work Management, Jira Software, and Jira Service Management. Here, we’ll explain everything in detail (including Jira license cost per user). And then, there are yet again separate pages for the two hosting versions, Cloud and Data Center. Note that Atlassian no longer sells Server Edition, and if you want to stay self-hosted you will be subject to a minimum user tier or 500 on Data Center. Oh, and not all the products and features are available in the Data Center version that your business may need for extra levels of security or work management capabilities. Licensing costs for Jira are likewise scattered.

We’ll put it all together for you in this Jira Comparison Guide, so it’ll be clear which Jira options your business needs.

CONTACT EXPERTS

Table of contents

3 Factors That Tell You Which Version of Jira to Buy

There are the three key factors to consider:

  • Product: Jira Work Management, Jira Software, and/or Jira Service Management
  • Deployment: Cloud or Data Center
    • Note: Jira Work Management does NOT have a Data Center version.
  • Licenses: number and type

Update: Atlassian Announced End of Life for Server Edition Products

On October 16, 2020 Atlassian announced they were sunsetting their Server edition support by February 2024, and would halt the sale and service of their Server licenses by February 2021. This announcement supports the company’s recent moves toward simplifying their self-managed options and doubling down on their Cloud support for Jira Software, Jira Work Management, Jira Service Management, and Confluence. With this announcement, they also announced pricing changes for Cloud and Data Center licenses by February 2021.

What This Means for You

  • All of the information in this Jira Comparison Guide is still accurate, such as Jira cost per user, features and more.
  • We strongly encourage any companies adopting Jira’s suite of high power Agile software tooling to consider Cloud licensing, if possible.
  • If your company is unable to move to the Cloud for compliance reasons, Data Center products are available.
  • We broke down Atlassian’s announcement and offered suggestions and steps forward on our blog.
CONTACT US

Jira Work Management, Jira Software, and Jira Service Management

These three products are independent, and can be used individually or partnered together. Atlassian recognized the crossover use of Jira for all business units. Marketing teams to HR functions started using Jira to track work and collaborate. The launch of Jira Work Management reflects the fact that its business project functionality is at the core of what Jira does, and is present in the Software and Service Management versions as well. So, if you want just Jira Software, you can use it without feeling the need to add other products. Here’s an overview of the products:

[table id=1 /]

The target uses listed above should give you a general sense of each product’s focus. Keep in mind: Jira is inherently flexible and extensible, not just by virtue of the hundreds of add-ons available in the Atlassian Marketplace. Its well-documented Java API allows anyone to write custom code and even create add-ons.  So even if your use cases don’t clearly match what’s listed, Jira may still meet your needs. We have included some examples below for reference.

The fact that Jira offers a dedicated software version does not mean it’s necessary for software development. In fact, if you’re part of a small team or not following the Agile Development Approach, Jira Software could be more than you or your team needs. The fields utilized in Jira Software are built into both Jira Work Management or Jira Service Management for software development. It would be possible to build more simplistic configurations on those two products.

Learn More

Jira Service Management Serves ITSM Needs

Jira Service Management stands separate from Jira Work Management and Software, as they have the self-service customer portal. The portal provides a simple external interface to Jira that allows unlicensed users to create requests and check on the status of their requests. Add-ons and customization can expand the actions available through a portal.

Note the key phrase “unlicensed users.” In Jira Service Management, a license is only required to work on an issue. This allows the flexibility to allow for many more people to use Jira than you could otherwise afford.

Business Cases

To illustrate Jira’s flexibility and extensibility, here are two examples of business processes that can be built in Jira:

1) Document Review

Say you’re a complex fabrication company that uses an engineering company to produce drawings and schematics needed to fill orders. Each document has to be reviewed both by you and the customer, and can go through several revision cycles before being approved and sent to production.

With Jira Service Management, you can create an external portal that engineers use to submit documents (including both attachments and metadata), while the customer uses it to review them.  In Jira, your team receives a document request and reviews it, then uses a custom workflow to send the request to the customer for review via the portal. The customer sends the request back with their feedback, you review it again, send it to the engineer to revise.  Eventually, the request is approved, and the workflow automatically routes it to production and the work begins. The engineers and the customer can do all that through the portal.

2) Marketing Collaboration

In this scenario, you have multiple teams working together on a large marketing campaign for the business. This campaign brings together many disciplines from content creation, copywriting, design, and development. Your teams need to collaborate and time their work efficiently to hit a deadline for an impending product launch. To date, you’ve been trying to string this together with tools oriented around those various disciplines and you’re even struggling to align to a product release from the software team.

With Jira Work Management, you can handle the entire process, from logging the work across all the teams to managing related assets for the campaign. You even have visibility across all the timelines and work for each team using Atlassian Advanced Roadmaps capability. And finally the icing on the cake: you can track your campaign and link it to an upcoming release while tracking the live progress with Advanced Roadmaps for the entire release. Now that’s work management across teams.

Bottom line: Jira Software is a perfect fit if you’re doing Agile Software Development with a sizable team or multiple teams.

Is there a special case we didn’t cover? We’d love to learn about it. Contact us and we’ll find a solution that fits your team needs.

Schedule a Meeting to Implement Jira

Deployment Comparison: Cloud or Data Center

This choice should be familiar with many other software offerings, such as Microsoft SharePoint.

[table id=2 /]

Here are some practical questions to consider:

  • Will you have the resources to handle your own installation and maintenance?
    • If not, Jira Cloud is best.
  • Will you need full redundancy, high availability, or other enterprise-level architecture features?
    • If so, Jira Data Center is best.*
  • Will you have the resources for custom development?
    • If not, Jira Cloud is best.
  • Do you have government security requirements to meet, e.g. NIST or ITAR?
    • If so, Jira Data Center is best.*
  • Is it easier for your company to pay larger amounts of money annually, or smaller amounts monthly?
    • If monthly, then Jira Cloud is best, as it’s the only option that has a monthly plan.

*Oxalis recommends Data Center licenses only to those companies that have heightened security and compliance needs. Otherwise, we recommend going Atlassian Cloud.

Download the Free Cloud Migration Playbook

What Are the Differences between Jira Cloud Licenses?

Wondering about Jira license cost? Atlassian sells its Cloud licenses with different tiers depending on your required features: Cloud Free, Cloud Standard, Cloud Premium, and Cloud Enterprise.

Jira Work Management, as a lighter version of the more robust Jira Software, only offers Cloud Free and Cloud Standard licenses. There are few differences between the two, however, the differences essentially separate daily users from casual users. Find out more at Atlassian here.

Jira Work Management Pricing

[table id=11 /]

Cloud Free

Atlassian’s Cloud Free version for Jira Work Management is great for businesses that are interested in checking Jira out as a whole, without committing fully. They offer a great collection of features; in fact, a company could use Cloud Free license for Jira Work Management up until they need more users. At that point, the value should be demonstrated and therefore the cost justified.

The Jira Work Management Cloud Free license does impose restrictions on storage, user count, and administrative tools like audit logs and advanced permissions.

Cloud Standard

The Cloud Standard version of Jira Work Management can be summarized by saying Jira Work Management Professional. The way Atlassian built their feature structure, businesses will need up upgrade to Jira Work Management Cloud Standard once they grow their user base or need more storage (250GB to be exact). Another real benefit is adding customer support, which is available to Jira Work Management Cloud Standard users between 9 am and 5 pm. Support will help with configuration, pulling reports, and configuring/customizing layout.

If you’re finding that Jira Work Management does not have all of the features that your business needs, consider making the leap to Jira Software.

CONTACT US

Jira Software Pricing

[table id=12 /]

*Note: Jira Pricing, scales with the number of users – the more users, the more affordable per-user cost. Contact us for an accurate Jira pricing.

Jira Software Cloud Free

The Cloud Free tier includes most of the dynamic features that sets Atlassian’s flagship products apart from the competition. Users have access to scrum and kanban boards, as well as Agile reporting, Roadmaps, and Automation (which most project management tools charge for).

However, the Cloud Free tier of Jira Software falls short with support, permissions, and storage. The 2GB of included storage can fill up relatively quickly depending on usage. Atlassian does provide a robust Community Support system, but many customization questions require more in-depth conversations and workshopping. If your company needs to separate viewing permissions within the company or with internal vs external users, the higher tier will suit you well.

All in all, the free tier is invaluable for those debating whether to make the Jira Software switch. There are several factors that, with adopted use, will all but require a paid tier.

Cloud Standard

The Jira Software Cloud Standard tier is the next step up for Jira Software or Jira Work Management users ready to unlock the full power of Jira. As an administrator, you have access to a bevy of new features including Advanced Permissions, Project Roles, Audit Logs, and 250GB of storage (rather than 2GB at the Cloud Free tier). Since you can have up to 10,000 users (starting at $7 per user per month for the lowest tiers), this tier can meet the needs of many organizations for years.

Jira Software Cloud Premium

If you’re using Jira Software as your company’s hub, Jira Software Cloud Premium is well worth the cost. With this tier, admins obtain access to insights, sandboxing, release tracking, and unlimited storage – and it has Advanced Roadmaps for Jira included – the robust planning and forecasting Atlassian app that we use extensively at Oxalis.

Cloud Premium is double the price per user of Cloud Standard, but Atlassian makes up for it with all of the aforementioned included features. Not to mention, Atlassian also includes 24/7 priority support for Cloud Premium users.

The bottom line: if Jira Software is your company’s central hub, Cloud Premium will help you save money and time down the road as your processes improve and become more trackable.

Cloud Enterprise

Jira Software Cloud Enterprise is the highest tier available. With unlimited storage, 24/7 enterprise support, Atlassian Access, and unlimited sites included (the other tiers only allow for one site), Cloud Enterprise has you covered.

Companies should only consider Cloud Enterprise if they require those higher-level management and security requirements. Atlassian Access, Atlassian’s enterprise-wide subscription for enhanced security and centralized administration for Atlassian cloud products, brings an extremely high level of security to Jira Software. Features like SAML single sign-on (SSO), User provisioning (SCIM), Active Directory sync, Organization audit log, Organization insights, and Enforced 2FA are bundled into Atlassian Access.

You can add Access to the other tiers if needed, but you’ll have to purchase it separately.

While pricing isn’t readily available for Cloud Enterprise, Oxalis is able to pull a quote for your needs. Contact us and we will get the process started for you.

CONTACT US

Jira Service Management Pricing Breakdown

[table id=13 /]

*Note: Jira Pricing scales with the number of users – the more users, the more affordable per-user cost. Contact us for an accurate pricing.

Cloud Free

Atlassian provides Jira Service Management Cloud Free so teams can see for themselves what JSM has to offer at a high level. It includes most of the robust features that help users understand how JSM works, especially if they are testing JSM vs. competitors like Zendesk or Freshdesk.

There are, of course, limitations to the free tier. For example, JSM Major Incidents (Incidents that cause significant disruption to everyday business operations) are capped at 5 per month, which can be extremely limiting for anything larger than a small, local business. Postmortems (a process of evaluating incidents after they’ve been resolved), a cornerstone for a successful Agile framework, are also capped at 5 per month.

Cloud Standard

With JSM Cloud Standard, you can get up to 5,000 agents (paying less per user as you scale up) with 250GB of storage, and the Cloud Support Team ready to help you during local business hours. Cloud Standard users are allowed up to 100 major incidents per month (quite the jump from 5), with more auditing and reporting features available.

Cloud Standard is the typical entry point for companies adopting JSM for their ITSM needs. It includes enough to cover the most common needs and run your ITSM operations. If you find yourself needing even more, there’s Cloud Premium.

Cloud Premium

Cloud Premium is for those medium to large businesses that use Jira Service Management for their entire ITSM operation. This is the tier that unlocks unlimited major incidents, postmortem, and storage. Customer support at the Cloud Premium level is also 24/7 premium support.

This tier also includes newer tools like Sandbox, which allows agents to test and control updates before rolling them out across the entire system. As with the other Jira tools, Cloud Premium offers higher levels of admin and reporting tools.

One major feature Cloud Premium gives you is the Incident Command Center, where you command, control, and coordinate incident response, and effectively collaborate through Opsgenie-hosted video bridge and other integrated communication tools. Admins can investigate incidents and monitor the health of their system with these tools, enabling faster incident management and system improvement.

Cloud Enterprise

As with Jira Software, Cloud Enterprise for Jira Service Management includes the highest level of reporting and administration controls, with unlimited storage and 24/7 enterprise support. As with Jira Software Cloud Enterprise, Atlassian Access is included with JSM Cloud Enterprise—leading to extremely high levels of security for those large enterprises that require it.

Jira pricing and Atlassian products prices are based on specific enterprise needs, so if you’re interested contact us and we will work with you to pull the best quote for your needs.

Jira License Types

Jira Work Management and Jira Software are licensed per user, meaning that a user cannot use the system unless a license is purchased and assigned. As mentioned above, Service Management only requires a license for those who need to work issues in Jira, called “agents“.
It’s worth noting that licenses for agents are more expensive than licenses for Work Management and Software users—not surprising since there are fewer of them.

Jira Cloud license types may be paid monthly or annually. Cloud licenses will expire if you fail to renew when required. Data Center licenses are only available annually, but they do offer a 50% discount for academic clients.

Larger customers will want to engage a partner for best pricing and license optimizations.

CLICK HERE FOR LICENSE SUPPORT

All three products offer an affordable starter option for small groups (meaning up to 10 users or 3 agents). Beyond that, volume discounts make larger numbers of licenses progressively cheaper.

One practical consideration for Jira Service Management: it includes the business process features in Jira Work Management. If you’re setting up projects in Service Management that do not use the extra features of Service Management, but only the business process features, you still have to pay for agent licenses. As a result, it may be cheaper to get both Work Management and Service Management to save the expensive agent licenses.

Jira pricing sound confusing? Let’s chat and talk through what configuration will work best for your team.

Licensing Cost Overview and Comparison

To translate Jira’s license per user costs into more practical terms, we’ve picked some sample numbers of users to compare costs between products and deployment options.

Monthly Cloud License Comparison

Here are samples of the licensing costs per month for the Cloud version of each product.  

Note: All costs are in US dollars.

[table id=3 /]

Annual Cloud License Comparison

Since the Jira Cloud version also offers a discounted annual subscription plan, it’s worth comparing the annualized monthly cost for each product to the corresponding subscription cost. Here is a breakdown of the cost per year for Jira products.

[table id=4 /]

This table shows how much businesses can save with the subscription plan. But do the math for the number of licenses you actually need, as there are some beneficial points in the Jira cost per user hierarchy that might not be apparent from the surface. You can find Atlassian’s pricing calculator here: Jira Work Management | Jira Software | Jira Service Management.

Jira Comparison Guide conclusion: Jira cost, Jira features, where to go from here?

In some cases, the information provided above will be enough to determine which Jira product(s) and deployment options are the best fit for you and Jira cost per user. But most companies, especially larger ones, have plenty of business processes that don’t clearly fall into those categories. And the truth is, we all know that reading the marketing materials doesn’t always provide the most accurate reflection of performance. This is where we come in. Oxalis can bridge that information gap, and help you figure out whether Jira products and Jira pricing, can meet your particular needs.

We covered many of the benefits and drawbacks of, and differences between, Jira Work Management, Jira Service Management, and Jira Software over the course of this post. However, if you need more information while deciding if the Jira Suite is right for you, send our team of experts a message—don’t let lack of information make your decision for you. Need special help about Atlassian Jira Subscription? Send us a message.

For more information or help with Jira training, we offer Jira consulting services to help with best practices in configuration, customization, and more. If you still have questions after reading this Jira Comparison Guide, let us know.

Let’s Get Started

Contact us

Recommended Blog posts

Perspective on the state of CMMC – July 2021

Perspective on the state of CMMC – July 2021

Disclaimer: This is based on a general perspective amalgamated out of the past several months of news and specification revisions rather than any insider information and should not be considered at all authoritative.

CMMC threw the greater defense industrial base into a whirlwind of confusion with poor government communication, a cottage industry of un-accredited CMMC consulting, and concerns over the cost to small and medium firms. Over the past month, yet more smoke has billowed up, with the House Small Business Committee holding hearings, Katie Arrington, the DoD CISO serving as the public face, getting put on administrative leave, an early member of the CMMC Accreditation Body’s board resigning, and distribution of official notices warning of unauthorized providers.

At Oxalis, we talk to a lot of DoD contractors and find that this noise and confusion is creating either analysis paralysis or investment in anything that promises to be CMMC-ready, accurate, or not. We want to help cut through that noise and give our perspective on how all DoD contractors can make clear plans forward. Talk to our experts.

If You’re Currently Meeting DFARS Contractual Requirements, CMMC Will Be Easy

Oversimplifying, the CEO level summary of CMMC is that instead of self-certifying to meeting security requirements, now firms will need to be audited by a third party (3PAO). That’s it.

Yes, there is some change in the language of the requirements and a few non-trivial new requirements, but those are minor in contrast with the auditing requirement. Viewed through that lens, CMMC compliance and certification should be relatively inexpensive – tighten up policies, find an auditor and add some incremental tracking.

CMMC forces companies to ask if they have truly been in compliance with their current requirements and many are finding that the answer is “no”. With C-suite attention, DIB firms are recognizing that their system security plans (SSP) are superficial, plan of action & milestones (POAMs) serve as a graveyard of good ideas and missed deadlines, and bidding/contracting does not recognize what security rules they’re actually testifying to meeting.

At Oxalis, our perspective is that this is the gap between the DoD’s view that CMMC should be relatively inexpensive versus the reality of firms, some of who, are facing $250,000+ estimates for getting certified. Get help now.

Our Advice

Get your house in order and make sure you’re meeting your current requirements before diving straight into CMMC. Remember, there is personal criminal liability associated with failing to protect government information, and although rarely prosecuted, ensuring you meet the requirements of DFARS 7012/7019 will serve as a stepping stone to CMMC 3.

The DoD Will Require More Than “Just” CMMC

The current security standards landscape already causes confusion, but DoD contractors need to remember that on the majority of contracts, the cyber security requirements (DFARS 7012, etc) include meeting NIST 800-171 and then more. Similarly, many contracts have NOFORN (No foreign persons, aka ITAR) restrictions.

CMMC, even at level 5, doesn’t have any requirements that meet those ‘extras’. The DoD has not given any guidance on how (or if) they will continue adding their specific requirements. At Oxalis, we cannot see a case where those requirements will go away even with the full adoption of CMMC.

We all get imprecise with language, but when it comes to compliance and certification, no one can afford imprecision when differentiating between Controlled Unclassified Information (CUI) and Controlled Defense Information (CDI) and recognizing what your “High Water Mark” is for compliance. Similarly, just because a vendor or service is FedRAMP certified doesn’t mean they meet ITAR requirements.

As an example, many defense contractors use Microsoft’s Cloud Services – Office 365, Azure Cloud, etc. When looking at secure versions of those offerings, Microsoft 365 Government (GCC) and Azure Commercial meet the requirements of CMMC Level 3 and (very excitingly) DFARS 7012. There is a really big asterisk here – which is that those offerings do NOT meet ITAR/NOFORN requirements, requiring GCC-High for O365 and Azure Government for cloud hosting.

US Government Compliance in Microsoft Services (from Understanding Compliance Between Commercial, Government and DoD Offerings – February 2021 Update )

Our Advice

Understand your highest security requirement(s) when looking at and evaluating providers and services. Take a fine-tooth comb to your government contracts and look for key clauses that would force you to look at more restrictive services.

Despite the Noise, CMMC Will Happen

Improving the security of our nationally sensitive information and the digital safety of defense firms remains a critical initiative, only gaining importance from recent attacks such as the Solar Winds hack. At Oxalis, we believe the changes in CMMC are critical to improving the cyber defense of the nation, and moving away from unverified self-certification is a necessary change. The entire Defense Industrial Base, already committed to the defense of the nation and the safety of our warfighters, should view the goals of CMMC as furthering their missions and vital to all of our security.

The awkward rollout, poor communication, and lack of financial support may mean the program gets revised with a new name or the timeline gets delayed. The core idea though – independent verification of the cyber security of the firms working with sensitive information will stay and be part of contracts in the near future.

While the rollout may be phased in and slow, being ready for the first contracts requiring CMMC or its equivalent is business-critical. For prime contractors, it will only take one RFQ you can’t bid on to cause reputation damage with your customer leading to major organizational changes. For sub primes, because of the requirements to certify the entire supply chain, the inability to participate on contracts will lead to primes building their businesses around subs that they can work with from day 1.

Our Advice

You cannot wait and hope that the chaos around CMMC will give you either the time to worry about this later or that it will go away altogether. It is critical that firms working with the DoD start planning and getting ready now.

While CMMC (or equivalent) will happen (and is a good idea), the largest gap we see is the financial support to aid small and medium businesses in adopting these best practices. CMMC related costs are supposed to be reimbursable in contracts, but that doesn’t help when the work needs to be done now, years in advance of potential bids, and in a low margin, cost-sensitive industry. Continue to advocate to your customers and government representatives that national cybersecurity infrastructure is something that requires federal support now.

What Oxalis Is Doing

We’re committed to helping our customers, the industry, and the nation meet the challenges of the modern cyber security landscape, with increased threats, changes to the work environment, and an increase in volumes of data. In our work to help transform industries we’ve always put compliance and security first and continue to push the ball downfield to meet the evolving landscape. Get support.

We continue to make security-first offerings:

  • All our offerings are built to meet compliance needs – whether robust logging, identity management, MFA/2FA, we’ve already thought through the implications.
  • Flexible deployment models to meet your security needs and risk tolerance – whether on prem, in a hybrid environment or on a sovereign cloud provider (Azure Government or AWS GovCloud), we meet you where you are.
  • We’ve recently become a Microsoft Government Solutions provider which, in addition to our existing AWS and Atlassian partnerships, helps us offer comprehensive security solutions.
  • Looking over the horizon to future needs. While CMMC and 800-171 will drive the next several years, the threats and defenses continue to evolve. We’re already meeting many of the requirements of NIST 800-172 and are actively working to make sure we and our customers are ready to meet the security needs of not just the next few years but the next decade.

Contact us

Schedule time to discuss how we can help you meet and exceed your current and future security requirements.

5 Considerations For Your AWS Cloud Migration Strategy

Many businesses and government organizations are struggling with an AWS migration strategy. Nobody wants to fail and nobody wants to end up on the front page of NYTimes having left S3 open with customer or citizens personal information. Top organization IT professionals ask themselves a series of questions.

  • Where do I start?
  • How do I make sure what I am doing is secure?
  • What is the best pattern to follow?
  • How does this change my organization overall?

Here are 5 AWS Cloud Migration Best Practices:

Below are some AWS cloud migration best practices and AWS database migration strategies that your organization can apply:

(more…)