Case Studies

How Protocase Streamlined Their NIST 800-171 and CMMC Compliance Process

How Protocase Streamlined Their NIST 800-171 and CMMC Compliance Process

At Carbide, we pride ourselves on enhancing our customers’ information security strategies through innovative solutions and expert guidance. We recently sat down with Brandon Graham, IT Manager at Protocase, and Steve Lilley, President at Protocase, to discuss the benefits of working with Carbide in their information security program. They highlight the various standards and frameworks they have to consider and the value of having the dedicated team at Carbide to guide and support their security efforts.

Tell us a bit about Protocase and what you do.

Steve Lilley: Protocase is a low-volume manufacturer of custom metalwork, machine parts, sheet metal parts, and enclosures for engineering and science. What emerged from that is an emphasis in aerospace and defense represents about 25 % of our business. So we’ve moved heavily into, in terms of aerospace and defense, into the US market. We sell to 19 of the 20 top defense companies in the United States.

What security frameworks do you focus on to manage your duties?

Steve Lilley: As a result of the extensive government work we do in aerospace and defense, we face stringent requirements around security, particularly data security. Our main framework is NIST 800-171, but we also comply with CMMC, DFARs, and more. These frameworks are crucial for maintaining our security standards, which were initially somewhat foreign to us. Therefore, we needed to bring in expertise and we reached out to the experts at Carbide. Another reason for this outreach was the general need to be prudent in ensuring that we had the necessary security measures in place to protect ourselves and our data integrity, among other things. Carbide provided the expertise we needed, initially on a consulting basis, and subsequently assisted us in developing all our policies and procedures and in taking the necessary actions to comply with the latest standards.

How has partnering with Carbide helped Protocase in its mission around information security?

Brandon Graham: Since I wear multiple hats, it’s invaluable to have someone who can guide me through the process instead of handling everything myself. From the research side of things, having someone I can reach out to for validation or direction has been a game changer. The documentation support—whether it’s assembling documents for us to review or proofreading our submissions—ensures our documentation is up to par, which has been phenomenally helpful. Just knowing there are experts in the field that we can consult alleviates much of the pressure from the unknowns.

Can you elaborate on the features of our platform that you find most valuable?

Brandon Graham: The documentation module has been a game-changer for us. For instance, having all our NIST documentation organized into subsections and easily accessible so that we can quickly find specific rules or regulations has expedited our processes.

Have you seen our latest feature – Documents and Templates?

Brandon Graham: I’ve seen the updates, and they look promising. Features like these that streamline the creation and management of compliance documents are exactly why we value this platform.

If you were to advise another organization considering Carbide for their security needs, what would you say?

Brandon Graham: I’d emphasize the ease of use and the personalized support from the team. Working with Carbire isn’t just about accessing a robust platform; it’s about building a relationship with a team that understands and responds to your unique challenges. It’s not just about the tools; it’s about the people behind them that make the difference.

Feedback on working with Carbide.

Brandon Graham: Just the ease and the personal side of things stand out. Take our CSM, Ryan, as an example—I have someone I can count on, which gives me peace of mind knowing that I’m consulting experts and will get coherent, relevant answers. The tailored, specific responses demonstrate your care for the customer, showing that it’s not generic—it’s personalized. The simplicity of the service is what I’d like to emphasize. It doesn’t add extra hurdles; rather, it alleviates the existing ones, which is a significant win in my opinion.

Streamline Your NIST 800-171 and CMMC Compliance Process with Carbide

Navigating the complex requirements of enterprise security standards, such as NIST 800-171 and CMMC, to meet US Department of Defense (DoD) security requirements can be a challenging and costly process. At Carbide, we provide more than just an automated platform; our comprehensive service includes hands-on assistance from our dedicated security team, ready to tackle tasks that can’t be automated. By centralizing controls, policies, and generating critical tasks, along with offering robust planning tools, Carbide equips your company to accelerate its compliance timeline. Discover how Carbide can help you save both time and money on NIST 800-171, CMMC, and other compliance frameworks with expert support from our in-house security team. Start your journey and see Carbide in action with a free trial, or book a demo with our team today.