I've been sounding the alarm bells about ITAR, DFARS, EAR compliance for a while now! None of the software vendors I've talked to seem to understand that it is AGAINST THE LAW to upload customer supplied IP to their super-secure Cloud based product that they're trying to get me to switch too. "The lowest TCO, you'll get ROI in 6 months!"
Ya, but are you compliant with NIST 800-171 requirements?
"Ohhh, uhhh... I don't know. I'll ask the engineering team but I'm sure we're fine!"
I've been sounding the alarm bells about ITAR, DFARS, EAR compliance for a while now! None of the software vendors I've talked to seem to understand that it is AGAINST THE LAW to upload customer supplied IP to their super-secure Cloud based product that they're trying to get me to switch too. "The lowest TCO, you'll get ROI in 6 months!"
Ya, but are you compliant with NIST 800-171 requirements?
"Ohhh, uhhh... I don't know. I'll ask the engineering team but I'm sure we're fine!"
Ya, ok.