For more than 40 years, embeddedTS has designed and manufactured single-board computers used in commercial and industrial applications. From its Fountain Hills, Arizona facility, the company’s 40 employees design and test boards and software, manage logistics, and provide customer support. embeddedTS serves a broad range of industries—from energy and transportation to defense—through both off-the-shelf and custom computer solutions. With an expected increase in aerospace and defense contracts, maintaining compliance with federal cybersecurity standards became a top priority.
Situation: Preparing for New Cybersecurity Requirements
When a key customer informed embeddedTS that future contracts would require compliance with the Cybersecurity Maturity Model Certification (CMMC), the team knew they needed to act. CMMC is the U.S. Department of Defense framework designed to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) throughout the supply chain. Although embeddedTS had previously attended Arizona MEP workshops, they now faced a complex compliance project and turned to Arizona MEP for hands-on support.
A Structured, Cost-Effective Approach
Initially, embeddedTS believed it would need to “harden” its entire facility to meet CMMC requirements which would have been cost prohibitive. Working through Arizona MEP’s structured CMMC compliance program, the team discovered a far more efficient and less costly solution. Through Arizona MEP’s CMMC Gap Assessment and collaborative planning sessions, cybersecurity experts helped the company identify where FCI and CUI were accessed and stored. The result was a streamlined, cost-effective implementation plan that strengthened cybersecurity while preserving company culture and workflows.
Achieving Compliance and Strengthening Security
Today, embeddedTS has completed the NIST SP 800-171 certification process with all 110 controls in place and has submitted its Supplier Performance Risk System (SPRS) score for CMMC Level 2. A mock audit is planned for early 2026, followed by an official certification audit later that year. The company has already retained business with its prime contractor and secured two additional projects as a direct result of its compliance progress. "Thanks to Arizona MEP assistance, we’ve strengthened our capabilities and are now far better positioned to compete for subprime bids and contracts,” said Alan Brown, embeddedTS Marketing Communications Manager. “We’re already seeing increased interest and engagement as a direct result of our recent efforts."
A Trusted Partner for the Journey Ahead
Building on this success, embeddedTS plans to continue working with Arizona MEP on Lean and leadership development initiatives to further strengthen operations and prepare for future growth.
“It always feels like Arizona MEP has our back. Our advisor has become an invaluable resource—helping us avoid costly mistakes and guiding us toward the right solutions. Working with Arizona MEP saved us time and money, helped us retain key customers, and improved our overall cybersecurity posture,” said Alan.