Provider combining logistics and technology competencies to deliver innovative services and solutions to their clients. Since 2007, Premier has grown to operate one of the largest system integration and repair facilities. Their proprietary process decreases integration and repair times for technology systems including mobile devices, servers, laptops, and tablets for corporate, government, and education customers. They leverage technology to deliver a better solution. Their centralized location in Coppell, Texas, enables them to reach 95% of the nation in 3 business days or less.<br><br>
Premier is known as the industry-leading lifecycle services company for logistics and technology. They specialize in sourcing product, warehousing, asset management, providing technology configuration and deployment services, electronic repair and refurbishment. Their lifecycle services are to help customers streamline their operations, reduce costs and eliminate high levels of waste by extending the useful life of products.<br><br>
Advanced manufacturing methods provide fast, reliable repair services for a variety of electronics, including wireless, transportation, wireline, telematics, telemetry, consumer, communication, telecom and security equipment. Premier prides themselves on delivering cost-effective and green returns management solutions.
DFARS Compliance and CMMC in Lieu of SOC 2
The Situation
Premier LogiTech faced losing millions in Department of Defense (DoD) sales and jobs if they did not meet DFARS 252.204.7012 mandate and as well as the upcoming CMMC Level 3 mandate. The Defense Federal Acquisition Regulation Supplement (DFARS) is a set of cyber security regulations that the DoD requires for their contractors and suppliers. The Cybersecurity Maturity Model Certification or CMMC is a 5-tiered approach to audit contractor and supplier compliance with NIST SP 800-171. Premier LogiTech was already required to complete System and Organization Controls level 2 (SOC 2) audit and compliance annually requiring significant costs, time and effort in order to keep their contracts with the DoD. The SOC 2 compliance is a systems and data protection certification which ensures that all data is protected and that Premier LogiTech is effectively practicing and safeguarding the information and data while doing business with the DoD.
The Solution
TMAC engaged with the Premier LogiTech, LLC. (Premier) management team by first addressing the requirement to be DFARS 252.204.7012 compliant. TMAC deployed the TMAC cyber security roadmap, TMAC’s processes and utilized supporting tools to assist Premier LogiTech in completing an assessment to determine where they were currently (in 2019) compared to the January 1, 2017, DFARS Standard. Throughout the process TMAC assisted Premier in developing system/site plans, risk analysis and an incident response plan to meet all requirements while customizing a solution. This approach helped Premier LogiTech so that while these new standards were being implemented the Premier LogiTech operation was not overwhelmed or disrupted. This required numerous strategic discussions about how best to model the system. This process is more of a journey, much like any ISO process, but in more depth. As the team neared DFARS 252.204.7012 compliance, DoD implemented the CMMC program thereby increasing the threshold of compliance. In mid-2020 Premier LogiTech and TMAC approached Regan Edens of the CMMC Accreditation Board for assistance with a pre-assessment (or pre-audit) to determine where Premier LogiTech was compared to CMMC level 3 standards. Because Premier’s customers already required SOC 2 compliance and the CMMC level certification is a much stricter standard, Premier customers accepted the CMMC level 3 pre-assessment and compliance in place of the SOC 2 compliance. Regan connected Premier and TMAC with DTC Global to conduct the assessment which included a very detailed review of the plan and penetration testing. Premier LogiTech’s program did well in the audit as well as the penetration test. All findings are being addressed by Premier LogiTech and a 2nd penetration test will be completed in late 2021. Not only does Premier LogiTech have a robust cyber security plan, but they are one of our nation’s leaders in the Defense Industrial Base (DIB) in meeting CMMC Level 3 Compliance.
The Result
Premier LogiTech is expected to be one of the first companies in the United States to receive the CMMC level 3 certification. They were able to retain and grow their federal footprint by implementing quickly for critical infrastructure opportunities in the Federal Government.
Retained jobs
New and retained contracts with Department of Defense
Leading company in the United States to receive CMMC Level 3 compliance
Next Steps
Premier has a great relationship with TMAC and has used them for projects in the past. When NIST and CMMC requirements were required by the Federal Government, Premier immediately turned to TMAC for help. Their expertise and guidance has been critical to our success in achieving high level compliance in a short amount of time.”
- Scott P
President & CEO