CMMC & NIST 800-171 Compliant
Azure Virtual Desktop Enclaves for CUI
Compliance Island closes the gap between cloud and compliance
Do you or your customers need to meet NIST SP 800-171 or CMMC 2.0 Level 2 compliance requirements?
Compliance Island brings together system-specific compliance documentation, cloud VDI technology, and security into a single unified platform built on Azure and Microsoft 365.
Designed to meet the needs of Microsoft Partners, Managed Service Providers, and enterprises of all sizes, each instance of Compliance Island is deployed in the end-user organization’s Azure tenant (GCC-High recommended).
Ready-to-use for secure Windows + Microsoft Office 365 workloads, or extended with any Azure, Microsoft 365, or Dynamics 365 services you want to deploy, Compliance Island dramatically simplifies the compliance process, reduces scope, and enhances security.
Ready in a few days
Get compliant in a few weeks
Save up to 70% over one-off solutions
Compliance the Hard Way
Most organizations follow the gap remediation process. This multi-year, risk-prone, one-off approach to compliance leads to significantly increased short and long-term costs.
2 Yr Cumulative Cost and Timeline Gap Remediation Method
About Compliance Island
Who Needs Compliance Island?
MSPs supporting, and U.S. government contractors handling:
Federal Contract Information (FCI)
Controlled Unclassified Information (CUI)
Restricted CUI categories like:
Nuclear (NNPI, DCNI)
Controlled Technical Information (CTI)
Export Controlled (EXPT, NOFORN, NATO)
How Compliance Island Helps
Reduce scope, complexity, time, and cost by segmenting CUI into your own enclave
Securely access Azure Virtual Desktops in GCC High with Microsoft 365 Office Suite from your existing systems
Ready in a few days at a low, fixed cost
Includes: System Security Plan, Policy Documentation; Change, Risk, and Incident Management; Security Monitoring Solution; and more
Meet Compliance Requirements
NIST 800-171 for CUI
CMMC 2.0 Advanced Level 2 (formerly Level 3)
DoD Assessment Methodology (SPRS score)
Basic Safeguarding (FAR 52.204-21)
Satisfies NIST 800-171A Assessment Guide
NIST 800-171 Appendix E (NFO controls)
Compliance Island provides you, or your customer, with individual fully compliant enclave(s) running Azure Virtual Desktop Windows PCs with the Microsoft Office 365 (E5 recommended).
To ensure compliance for all CUI category markings, including export controlled or nuclear, we recommend deploying in Microsoft GCC High and Azure Government.
Deploying in GCC or Commerical Cloud, or using Microsoft 365 E3 + EMS E5 for end-users is available upon request.
A full suite of Core Compliance Documentation is included to ensure you will quickly and cost-effectively meet requirements allowing you to confidently attest to compliance.
Depending on your internal capabilities, you can opt to purchase the Required Compliance Plans and Services from us, or use your existing capabilities.
Full compliance requires some customer participation in these Plans, as shown in the included Responsibility Matrix.
Compliance Island can be used as-is when a Windows PC with Office 365, with or without added applications software, meets the need.
Compliance Island can also serve as the foundation to a larger solution. With a strong architecture, it’s easy to add technology and capabilities built in Azure, Microsoft 365, or Dynamics 365 with much less effort needed to ensure your compliance requirements continue to be met.
Island Systems offers architecture services to help you build your solutions while meeting compliance requirements.
Professionally Architected and Documented
Compliance Island’s included System Security Plan (SSP) contains a full suite of compliance and system architecture diagrams and documentation prepared by skilled enterprise architects.