Broadwire Networks Cybersecurity & Compliance Readiness
At Broadwire Networks, LLC, we are committed to protecting our customers, partners, and the Department of Defense supply chain. As a technology services provider and commercial off-the-shelf (COTS) hardware reseller, we align with the requirements of FAR 52.204-21 — Basic Safeguarding of Covered Contractor Information Systems and the practices required at CMMC 2.0 Level 1 (Foundational).
Our business typically does not store or transmit Controlled Unclassified Information (CUI). However, when handling Federal Contract Information (FCI) (such as purchase orders, invoices, or shipping details), we implement the following 15 safeguarding requirements across our systems and processes.
Our 15 Basic Safeguarding Practices
| Requirement | What it means | Broadwire Implementation |
|---|---|---|
| Limit access to authorized users | Only approved users have accounts | Each employee has a unique login; contractor accounts removed when projects end |
| Restrict functions based on roles | Users only access what they need | Bookkeepers access QuickBooks; technicians access network configs |
| Control external system connections | Only secure devices can connect | Company-issued laptops with endpoint protection are required |
| Control info on public systems | Prevent accidental exposure online | Website lists services only; no contract data posted |
| Identify users/devices | Know who/what is accessing systems | Microsoft Entra ID with unique usernames |
| Authenticate users/devices | Require secure login | MFA enforced on Microsoft 365, VPN, and admin tools |
| Sanitize/destroy media | Properly wipe or destroy drives/paper | Drives wiped or shredded; paper invoices shredded |
| Limit physical access | Secure offices/equipment | Locked office space; cameras in place |
| Escort visitors | Monitor visitor access | Visitors sign in and are escorted on-site |
| Audit physical access | Keep records of entries | Door access logs via smart lock; visitor sign-in retained |
| Separate public systems | Isolate internet-facing services | Company website hosted separately from office LAN |
| Patch flaws quickly | Update systems promptly | Critical patches within 48 hours; monthly updates applied |
| Protect from malicious code | Deploy antivirus/EDR | Huntress EDR and Microsoft Defender used on all endpoints |
| Keep protections current | Update antivirus/EDR | Automatic signature updates multiple times daily |
| Scan systems/files | Run malware/vulnerability scans | Weekly vulnerability scans; real-time email/attachment scanning |
CMMC 2.0 Alignment
These practices map directly to CMMC Level 1 (Foundational) requirements. Broadwire is prepared to demonstrate compliance with these safeguards and to work with contractors requiring higher levels of assurance.
Statement of Readiness
Broadwire Networks affirms our compliance with FAR 52.204-21’s 15 safeguarding requirements and our commitment to maintaining secure systems for all defense supply chain activities.
Authorized Representative
Marcus Aponte
Founder & Managing Member
Broadwire Networks, LLC
Compliance Inquiries
For verification, documentation, or additional details, please contact us at:
📧 compliance@broadwire.net