Stratus Services, LLC

03/06/2026

🚨 Slam the Scam! 🚨

During National Consumer Protection Week, the Social Security Administration is encouraging everyone to help stop scammers who target people with fake government calls, emails, and messages.

Here are a few warning signs of common scams:

⚠️ Unexpected messages about problems with your Social Security number or benefits
⚠️ Pressure to act immediately
⚠️ Requests for payment using gift cards, cryptocurrency, or wire transfers

Government agencies will never request payment using these methods.

At Stratus Services, we’re passionate about helping our community stay safe from cyber threats and scams. We also work with local organizations to provide cybersecurity awareness presentations on topics like phishing and fraud prevention.

In fact, we’ll be presenting on March 26 with the Meridian Chamber of Commerce!

Want to learn how to recognize scam tactics and protect yourself?

Read our latest blog here 👇
🔗 https://www.stratus-services.com/post/slam-the-scam-social-security-scams

Learn how to spot Social Security scams during National Consumer Protection Week. Discover common scam tactics, warning signs, and how to report fraud to the SSA and FTC.

02/25/2026

Everyone is talking about AI.

Very few people are talking about how to use it safely inside a business.

In our latest episode, we break down the difference between ChatGPT, Microsoft Copilot, and other AI tools. We talk about security, data privacy, storage costs, and why not all LLMs are built for the same job.

If you have ever wondered which AI tool actually makes sense for your company, this episode will help.

Watch it here: https://youtu.be/4_7hYRpFo7E

AI is powerful. Just make sure you are using the right one.

How do you actually choose the right LLM for your business?In this episode of the Stratus Sphere Podcast, Owen Phillips (Marketing Director at Stratus Servic...

02/11/2026

🙌 Big milestone alert: Stratus Services, LLC has officially achieved Level 2 certification, becoming Alaska’s first CMMC L2 certified MSP. Huge shout out to our certification team: Joshua Rabe, Joel Recane, and Liam Shea for all their hard work!

📈 A step above the rest

Achieving CMMC Level 2 certification for Stratus’ managed services platform is a major milestone and a distinction that sets Stratus apart from most MSPs. This isn’t a consulting exercise or a theoretical framework, our platform is built, operated, and audited to the same CMMC Level 2 requirements that clients must meet to protect Controlled Unclassified Information (CUI).

🔐 Know that we mean business

Because this is the platform used to deliver services to clients every day, the controls are proven, operational, and audit-ready. For current and prospective customers, that means fewer unknowns, faster paths to compliance, and a partner delivering services on infrastructure that has already met the CMMC bar.

🔄️ And we'll do it again...

Stratus is no stranger to these rigorous standards, having graduated two local Alaska firms to their CMMC L2 certification. Last Fall, CRW Engineering Group became one of the first 85 firms nationally to become CMMC L2 certified with Stratus’ guidance. Just last month, Stratus also assisted R&M Consultants to successfully complete their CMMC L2 certification, with more companies set to complete L1 & L2 certs in the months to come.

⚠️ Don't wait!

The Department of Defense CMMC rollout accelerating—and L2 required by Nov. 10, 2026 for applicable contracts—the time to prepare is now. As a Cyber-AB Registered Provider Organization, we’re ready to help contractors move forward with clarity and confidence.

02/10/2026

If you think CMMC is “just a cybersecurity project,” we will challenge that assumption.

In our new episode of the Stratus Sphere Podcast, we break down what it actually takes to implement all 110 CMMC Level 2 controls—from executive buy-in and team dynamics to policy reality checks and CUI handling pitfalls.

🎙️ Owen Phillips, Joshua Rabe, Joel Recane, and guest Summer Roseborough share hard-earned lessons from the field, including:
- Why CMMC is a monumental team effort, not a solo IT task
- How poor communication quietly derails compliance programs
- The real risks of over-labeling CUI
- What we understand about joint ventures and CMMC
- Why policies that look good on paper still fail irl

If you’re a DoD contractor, MSP, compliance lead, or executive preparing for CMMC (or already feeling the pain) this conversation will save you time, money, and rework.

▶️ Watch the full episode here:
https://youtu.be/afPHD9M7oeo

hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag

In this episode of the Stratus Sphere podcast, hosts Owen Phillips, Joshua Rabe, Joel Recane, and guest Summer Roseborough discuss the complexities of the Cy...

02/09/2026

CMMC is no small feat. Take it from our friend Summer Roseborough, Federal Contract Specialist for RS&H.

New episode exploring the ins and outs, wins and fails of the process from the not entirely technical perspective 𝒅𝒓𝒐𝒑𝒔 𝒕𝒐𝒎𝒐𝒓𝒓𝒐𝒘.

02/03/2026

Everything works. No breach. Still not HIPAA compliant.

That’s the reality for many medical offices in 2026—and it’s costing practices more than they realize.

Here’s why “working IT” isn’t the same as compliant IT.

👉 Read the full post: https://www.stratus-services.com/post/why-hipaa-compliance-fails-without-proper-management

Medical practices face heightened cyber risk and stricter HIPAA enforcement, making proactive, well-documented IT management essential for protecting ePHI, avoiding costly fines, and ensuring secure, compliant continuity of patient care.

01/27/2026

How do you identify CUI?

If you’re waiting for Controlled Unclassified Information to always show up neatly labeled, you may miss it.

While the government is responsible for marking CUI, it isn’t always clearly identified in practice—and contractors are still responsible for protecting it.

Like many legal standards, CUI depends on context. Experienced teams often recognize it quickly, even when the definition feels unclear on paper.

The right way to manage CUI under CMMC isn’t guesswork—it’s scope, process, and consistency.

Unlike the famous Supreme Court case Jacobellis v. Ohio (1964), “I know it when I see it” isn’t a defensible compliance strategy.

hashtag hashtag hashtag hashtag

01/23/2026

📌 CMMC is no longer a “future requirement” for A/E/C firms supporting the DoD. It’s here, and it’s already impacting real engineering workflows.

If your teams rely on AutoCAD, Revit, Civil 3D, shared project folders, subcontractors, and field access, compliance can’t be handled with “just lock it down” thinking. The firms that win 🏆 are the ones building CMMC around how engineers actually work, without sacrificing performance or collaboration.

We broke down the practical impacts, common pain points, and what a CUI enclave approach looks like for A/E/C firms in our latest post. 🤓

👉 Read the full article on our website.

https://www.stratus-services.com/post/cmmc-for-a-e-c-firms-practical-impacts-real-challenges-and-what-to-expect

CMMC compliance is now a tangible, impactful requirement for A/E/C firms supporting the DoD. CAD-heavy workflows (AutoCAD, Revit, Civil 3D) make it far more complex than simply “locking things down.” One way to be successful in CMMC Level 2 implementation is a virtual enclave where CUI is separa...

01/19/2026

It's time to make some resolutions for 2026.

Believe in resolutions or not, taking a moment to add updates to your cybersecurity posture as you are considering your goals for 2026 can be beneficial to your business.

A couple of reasons:

- Build trust with your customers: when they know their data is protected, they want to do more business with you.

- Save yourself heartache (and money): sure, investing in prevention can seem the opposite of cost effective. However, if it saves you from a breach or incident, you'll save in the long run. What's worse? A day without your computer or two weeks?

- Upgrading efficiency: having an MSP that work with you to find pinch points and mitigate might not only save you money, but also time (which is also money, right?).

Read our full blog from last year. Which is all still relevant. If not more so.

The New Year is a great time to reflect on your cybersecurity posture. Here are some quick tips to protect yourself in the year to come.

01/15/2026

Another Alaska company with CMMC L2 Certification!

01/14/2026

🚨 Claiming CMMC Compliance Without Meeting the Controls Is a Risk

We read a Reddit post about organizations self-assessing as “CMMC compliant” while their systems don’t actually meet the required controls.

Self-certification doesn’t change the fundamentals:
👉 If the controls aren’t implemented, you’re not compliant.

Saying you’re compliant because an assessment hasn’t happened yet — or because certification isn’t required this year — is one of the fastest ways to set your organization up for failure when enforcement, audits, or contract reviews occur.

In this clip from the Stratus Sphere Podcast, we break it down.

If you handle CUI, support DoD contracts, or rely on an MSP to guide compliance, this is a conversation you can’t afford to ignore.

🎥 Watch the video and decide if your organization is actually compliant — or just assuming it is.

05/08/2025

According to The Cyber AB, there are only 85 companies that have been issued a CMMC L2 Certification nationwide. We’re happy to say that we’ve contributed to that number.

While the process is onerous, and the field is looking to grow more crowded, we are prepared to help you achieve your CMMC L2 Certification. We’ve got the experts and the track record to prove it.

Don’t wait. Assessment slots are already booking 6 months out and likely to become even more scarce (until the number of assessors increases). Reach out today and we’ll be happy to get you on track for CMMC.

More info from the Cyber AB: https://lnkd.in/gfptFp_4