Skip to main content
Site Search
  1. Home
  2. Resources
  3. Case Studies
  4. How Defense Unicorns achieved CMMC Certification using Jamf

How Defense Unicorns achieved CMMC Certification using Jamf

Defense Unicorns, a defense tech company that focuses on making software a strategic deterrent, needed to meet CMMC compliance requirements efficiently and securely. They chose Jamf's Premium Cloud product as a Security Protection Asset. With Jamf, they created a secure and auditable environment that aligned with compliance objectives and supported continuous productivity.

Achieved CMMC compliance without FedRAMP
Used Jamf for 80% of CMMC controls implementation on devices
Streamlined audit readiness with minimal user disruption

Responding to the CMMC mandate

The U.S. Department of Defense (DoD) requires strict cybersecurity standards from its network of over 220,000 organizations in the Defense Industrial Base (DIB). To meet these requirements, organizations must comply with the Cybersecurity Maturity Model Certification (CMMC), a comprehensive framework designed to protect Controlled Unclassified Information (CUI).

Defense Unicorns, a government contractor focused on secure software delivery, needed to meet CMMC compliance requirements efficiently and securely. Jamf provided the control and visibility needed to support a compliant Apple device environment.

Navigating CMMC complexity

Complying with CMMC means implementing detailed security controls, managing endpoint access, maintaining logs and continuously monitoring for threats. It also means minimizing the number of systems that store, process, or transmit CUI, as those systems would require additional certifications such as FedRAMP Moderate or High.

Defense Unicorns needed to:

  • Meet the technical and scoping requirements of CMMC
  • Enforce security controls on endpoints using best-in-class capabilities
  • Maintain productive velocity for a highly technical, remote workforce
  • Minimize the need for IT Admins to produce and maintain complicated device compliance scripts

Defining the role, unlocking the value

Defense Unicorns designated Jamf as a "security protection asset" under the CMMC framework. This positioning was essential because it:

  • Ensured Jamf was designed as a system that does not touch CUI
  • Allowed the use of Jamf without FedRAMP authorization
  • Limited Jamf’s role to implementing configurations and security enforcement
  • Prevented remote desktop management features from being used to access CUI

As Nate Lotts, Director of IT Operations at Defense Unicorns, explained, “Even evaluating alternatives underscored the value of Jamf Compliance Editor… Could I technically build a baseline without Jamf? Sure. Would I ever want to? Absolutely not.”

This strategic classification enabled Defense Unicorns to stay compliant while avoiding additional regulatory overhead.

Translating policy into practice

Defense Unicorns utilized Jamf to enforce approximately 80% of required CMMC controls for MacOS devices, including:

  • Configuration baselines
  • Access permissions
  • Software and hardware inventory
  • USB and print restrictions
  • Traffic monitoring and reporting

The compliance team described Jamf’s reporting capabilities as “the easy button” for assessments, helping streamline audit preparation across distributed teams.

Jamf Compliance Editor brings immense value: pre-mapped NIST 800-171 controls you can roll out directly in Jamf Pro, practical implementations for controls I wouldn't have even considered, and ongoing device monitoring through compliance scripts that flag deviations from your baseline. It's not just a tool for building baselines; it's for construction, implementation, control, and sustained compliance. I likely would have spent over 180 hours on just the baseline alone without it.
Nate Lotts Director of IT Operations, Defense Unicorns

Empowering secure developer productivity

Developer experience remained a priority throughout. With Jamf, the team enabled just-in-time privilege escalation, tracked approved apps, and audited installations, all without compromising compliance.

This strategy allowed developers to stay productive while maintaining visibility and control for security and compliance teams.

Results

  • CMMC certification successfully achieved
  • Jamf classified as a Security Protection Asset rather than a CUI Asset
  • No FedRAMP requirement triggered
  • Audit preparation streamlined
  • Security strengthened across Apple device fleet
  • Saved 180+ hours on baseline development using Jamf Compliance Editor

Conclusion

Defense Unicorns achieved CMMC certification while preserving operational agility. Their success highlights how Jamf enables government contractors to meet evolving compliance demands with confidence and efficiency.

Jamf Compliance Editor gave us the keys to the kingdom. It's the easy button to streamline security implementation and audit readiness.
Alexis Gerst Director of Security, Defense Unicorns

See how you too can achieve Apple success by taking Jamf for a free test drive. Request a Trial.