
CMMC Enclave: Strategy, Tradeoffs, and 2026 Options

Posted to Compliance.


What is a CMMC enclave and why are contractors choosing one?

A CMMC enclave is a small, isolated slice of your IT environment that is purpose-built to store, process, and transmit Controlled Unclassified Information (CUI) and nothing else. Everything in the enclave is in scope for the Cybersecurity Maturity Model Certification (CMMC) Level 2 assessment. Everything outside is out of scope. Contractors choose this pattern because it shrinks the assessment surface from hundreds of systems and dozens of users down to a narrow set of workstations, a handful of cloud tenants, and a small identity perimeter. A smaller scope means faster readiness, cheaper assessments, and a lower ongoing cost to maintain compliance.

Petronella Technology Group has helped contractors design enclaves that pass C3PAO assessments on the first attempt, and we have been called in to rescue enclaves that failed because scope crept back out again. The architecture is simple on a whiteboard and surprisingly easy to get wrong in practice.

CUI segmentation: the core idea

Segmentation is the heart of the enclave pattern. The goal is a clean boundary, drawn with network controls, identity controls, and data handling controls, that keeps CUI on one side and general business data on the other. The boundary is never a single firewall rule. It is a stack of overlapping controls: dedicated virtual networks, conditional access policies that restrict CUI applications to compliant devices, sensitivity labels that prevent CUI from leaving labeled containers, and data loss prevention policies that block accidental exfiltration to personal email or consumer cloud storage.

The enclave is successful only when CUI cannot practically cross the boundary during normal work. If a user can drag a CUI document onto their personal OneDrive, the enclave does not exist.

Enclave versus full-org CMMC

The alternative to an enclave is full-organization CMMC, where every system, every user, and every device is in scope. Full-org is appropriate when nearly every employee touches CUI, when your business model requires CUI to flow through many applications, or when leadership has decided that a single security posture for the entire company is simpler to maintain than two.

Full-org is more expensive and longer to implement, but it removes the risk that someone forgets which tenant they are in. Enclaves are cheaper and faster, but they demand discipline forever. Most defense contractors below about 100 employees pick the enclave pattern. Most primes above a few thousand employees have full-org scopes. The middle is a judgment call.

For a side-by-side budget view of both options, work through the CMMC cost breakdown and the main CMMC compliance services overview.

Build versus buy

Once you have picked the enclave pattern, the next question is whether to build it yourself or buy a managed enclave from a provider.

Build means standing up your own Microsoft 365 GCC or GCC High tenant, configuring the security controls yourself, deploying endpoint protection, wiring in your identity provider, and writing every policy. Build gives you control, portability, and no per-seat markup from a provider. It requires a security engineer or team with real Microsoft government cloud experience and someone to run it once the build is done.

Buy means subscribing to a pre-built enclave product from a managed security service provider. These services bundle the tenant, the endpoint agents, the logging stack, and a shared responsibility matrix that maps each of the 110 controls to the provider, the customer, or both. Buy is faster and predictable, but you pay a monthly markup and you inherit the provider choices on identity, logging, and incident response.

For many contractors with lean internal IT teams, buy is the right starting point. Contractors with strong internal security engineering frequently build, because the long-term cost is lower and the resulting environment is tuned to their workflows. The private AI cluster pattern, for contractors who also want local AI processing of CUI without cloud egress, is a natural complement to a built enclave.

Monthly operating cost ranges

Ongoing costs are what surprise most contractors. A useful planning frame, based on industry cost references and publicly discussed CMMC program experience as of 2026, looks like this:

  • Licensing for a GCC or GCC High enclave, per user per month, typically falls in the mid-sixties to upper-eighties range depending on tenant type and SKU bundle. Microsoft publishes these list prices on its government-cloud pages.
  • Endpoint protection adds roughly 5 to 15 dollars per endpoint per month for a reputable endpoint detection and response product when bought outside the Microsoft bundle.
  • Logging and SIEM often runs in the low hundreds to low thousands of dollars per month for small enclaves, depending on event volume and retention.
  • Managed enclave services vary widely. Industry references commonly cite ranges from roughly 100 to 300 dollars per user per month at the low end, up to several hundred per user per month when the provider takes on deeper responsibility for monitoring and response.

These are planning ranges, not quotes. Your final number depends on user count, device count, contract SKU, region, and how much of the control matrix you retain versus transfer. The CMMC cost breakdown walks through every line item with assumptions stated.

When an enclave fails

Enclaves fail for predictable reasons. The top four failure modes we see at Petronella are:

  1. Scope creep. A convenient exception turns into ten, then fifty, and suddenly CUI is on laptops that were never meant to be in scope. Quarterly scope reviews and strict change control keep this from happening.
  2. Identity leakage. Users with accounts in both the enclave tenant and the commercial tenant sign into the wrong place with the wrong credentials. Strict conditional access and separate sign-in surfaces prevent the mistake.
  3. Shadow IT. Teams adopt a new SaaS tool to collaborate and put CUI into it, even though the tool was never in scope. A monthly SaaS inventory review tied to the CUI handling policy catches this.
  4. Assessor surprise. The System Security Plan describes one environment and the assessor finds another. Always walk the SSP against production before the formal assessment, ideally with an independent reviewer.
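Failure modes 1 and 4 are both forms of scope drift: the enclave as declared in the System Security Plan stops matching the enclave as enrolled in the device-management console. The quarterly scope review is easier to run, and easier to evidence, when that comparison is automated. The script below is an added example, not Petronella's tooling or any product's export format: it reads two constructed CSV inputs (an SSP asset inventory and an assumed device-management export with `hostname`, `enclave_group`, `compliant`, and `last_checkin_days` columns) and reports devices that appear on one side of the boundary but not the other, plus in-scope devices that are non-compliant or have stopped checking in.

```python
"""Scope drift check for an enclave boundary review.

Added example, not Petronella Technology Group's tooling. It compares the asset
inventory declared in the System Security Plan against an export from the
device-management console. Both inputs are constructed sample data; the column
names are assumptions, not any product's export format.
"""
import csv
import io
from dataclasses import dataclass, field

# Constructed sample: the asset inventory as written in the SSP.
SSP_INVENTORY_CSV = """\
asset_id,hostname,owner,in_scope
WS-001,enclave-ws-01,alice,yes
WS-002,enclave-ws-02,bob,yes
WS-003,enclave-ws-03,carol,yes
WS-010,corp-laptop-10,dave,no
"""

# Constructed sample: device-management export showing enclave group membership,
# device compliance state, and days since the device last checked in.
MDM_EXPORT_CSV = """\
hostname,enclave_group,compliant,last_checkin_days
enclave-ws-01,yes,yes,1
enclave-ws-02,yes,no,45
enclave-ws-04,yes,yes,2
corp-laptop-10,no,yes,3
"""


@dataclass
class DriftReport:
    undocumented: list = field(default_factory=list)  # in enclave group, not in SSP as in-scope
    missing: list = field(default_factory=list)       # in SSP as in-scope, not in enclave group
    noncompliant: list = field(default_factory=list)  # in scope but failing device compliance
    stale: list = field(default_factory=list)         # in enclave group, no recent check-in

    def is_clean(self) -> bool:
        return not (self.undocumented or self.missing or self.noncompliant or self.stale)


def load_rows(csv_text: str) -> list:
    return list(csv.DictReader(io.StringIO(csv_text)))


def check_scope_drift(ssp_csv: str, mdm_csv: str, stale_days: int = 30) -> DriftReport:
    """Compare declared (SSP) scope with observed (MDM) enclave membership."""
    ssp = {r["hostname"]: r for r in load_rows(ssp_csv)}
    mdm = {r["hostname"]: r for r in load_rows(mdm_csv)}
    declared = {h for h, r in ssp.items() if r["in_scope"].lower() == "yes"}
    observed = {h for h, r in mdm.items() if r["enclave_group"].lower() == "yes"}
    return DriftReport(
        undocumented=sorted(observed - declared),
        missing=sorted(declared - observed),
        noncompliant=sorted(h for h in observed & declared
                            if mdm[h]["compliant"].lower() != "yes"),
        stale=sorted(h for h in observed
                     if int(mdm[h]["last_checkin_days"]) > stale_days),
    )


def format_report(report: DriftReport) -> str:
    """Render the report as the text a reviewer would paste into the change log."""
    lines = []
    for label, hosts in (("Undocumented in SSP", report.undocumented),
                         ("Declared but not enrolled", report.missing),
                         ("Non-compliant in-scope devices", report.noncompliant),
                         ("Stale check-in", report.stale)):
        lines.append(f"{label}: {', '.join(hosts) if hosts else 'none'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(check_scope_drift(SSP_INVENTORY_CSV, MDM_EXPORT_CSV)))
```

On the sample data the check flags `enclave-ws-04` as enrolled but undocumented (a candidate exception that never went through change control), `enclave-ws-03` as documented but not enrolled (the SSP describes a device the assessor will not find), and `enclave-ws-02` as both non-compliant and stale. Each finding becomes an agenda item for the boundary review, and the saved report is itself evidence that the review happened.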

Ongoing evidence collection

CMMC is not a one-time audit. The assessment looks at the last year of evidence. That means an enclave owner has to collect, organize, and retain logs, screenshots, ticket trails, training attestations, incident reports, and configuration baselines from day one of operations. Evidence should be stored in an evidence repository that is itself protected at the CUI level and indexed to the 110 controls.

A lightweight monthly rhythm works well. Month one documents baseline configurations. Each subsequent month captures access reviews, patch status, vulnerability scan output, training completions, and any incident investigations. At the end of the year, the evidence repository is the story your assessor will read. A cluttered or sparse repository drags the assessment out. A well-organized repository often shortens it.

Is an enclave right for you?

An enclave fits when CUI touches a minority of your users and systems, when you want to limit the scope of an expensive assessment, and when your organization has the discipline to maintain a boundary. It does not fit when CUI is everywhere, when the business cannot tolerate a second tenant for collaboration, or when you have no one to own the boundary long term.

The honest answer is almost always found by mapping CUI flows against your org chart. If the flow touches 15 percent of your users, the enclave saves money. If it touches 80 percent, a full-org scope is probably cheaper in the long run.

Enclave architecture patterns we see in the field

Three architectures cover the vast majority of successful enclaves we have helped build or audit.

Pattern 1: Microsoft-centric cloud enclave. A dedicated GCC or GCC High tenant with Intune-managed endpoints, Entra ID conditional access, Purview sensitivity labels, and Microsoft Defender for Endpoint. This pattern is the fastest to stand up for contractors already on Microsoft. It keeps identity, device, and data controls in a single management plane, which simplifies evidence collection.

Pattern 2: Hybrid cloud-plus-on-premises enclave. A GCC or GCC High tenant for email, collaboration, and file sharing, paired with an on-premises workstation bastion or a dedicated virtual desktop infrastructure environment for CUI-heavy workflows such as computer-aided design or specialized engineering software. This pattern adds complexity but keeps heavy workloads on hardware you control.

Pattern 3: Fully on-premises enclave. Every piece of CUI handling happens on dedicated hardware, segmented networks, and local identity. This pattern fits contractors who need data sovereignty, air-gapped workflows, or who operate in environments where cloud connectivity cannot be assumed. It demands the strongest internal security engineering team and the heaviest evidence collection discipline. Pairing this pattern with a private AI cluster removes the last cloud dependency for contractors who need AI-assisted engineering analysis on CUI data.

Pick the pattern that matches your workload, your team, and your contract clauses. Do not pick the pattern that matches a vendor pitch deck.

Governance: who owns the enclave

An enclave without an owner decays. The boundary owner should be a named person with authority to say no to scope expansion requests, not a committee. That person runs a monthly boundary review with security, IT, and at least one business stakeholder. The review walks the scope list, reviews any exception requests filed since the last review, confirms the SaaS inventory, and signs off on the change log.

Without this rhythm, exceptions creep in, SaaS tools appear without review, and the enclave drifts away from the System Security Plan. With this rhythm, the enclave stays healthy between assessments and the evidence collected month by month tells a clean story.

Working with external service providers

Most enclaves have external service providers: a managed service provider, a cloud backup vendor, a security operations center, or a specialized compliance tool. Every provider that touches CUI, or could touch CUI, must be documented in the System Security Plan with a customer responsibility matrix. The matrix lists every control, the provider share, the customer share, and the joint-responsibility share. Assessors read the matrix carefully. Gaps there become findings.

Ask every provider whether they meet FedRAMP Moderate at a minimum, or in the GCC High case FedRAMP High, and ask for the supporting paperwork. Providers who cannot supply a customer responsibility matrix should be treated as risks until they can, or replaced with providers who can.
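The two documents an assessor reads side by side are the customer responsibility matrix described here and the evidence repository indexed to the 110 controls described under "Ongoing evidence collection". The same check serves both: a control with no owner in the matrix is a finding, and a customer-owned control with no recent artifact in the repository is a gap the monthly rhythm should have caught. The script below is an added example, not Petronella's tooling or any provider's matrix format. Its inputs are constructed samples: control IDs follow NIST SP 800-171 numbering, but only a handful of the 110 controls appear, and the CSV columns (`control`, `provider`, `customer`, `artifact`, `collected`) and the review date are assumptions.

```python
"""Responsibility-matrix and evidence-coverage check for an enclave.

Added example, not Petronella Technology Group's tooling. It reads a customer
responsibility matrix and an evidence-repository index, then reports controls
that nobody owns and customer-owned controls with no recent evidence. Both
inputs are constructed samples: the control IDs follow NIST SP 800-171
numbering but only a few of the 110 controls are listed, and the column
layout is an assumption, not a provider's format.
"""
import csv
import io
from datetime import date

# Constructed sample responsibility matrix: one row per control with a yes/no
# flag for the provider share and the customer share ("yes" in both = shared).
CRM_CSV = """\
control,provider,customer
3.1.1,yes,yes
3.3.1,yes,no
3.5.3,no,yes
3.11.2,no,no
3.14.1,,yes
"""

# Constructed sample evidence index: one row per artifact in the repository.
EVIDENCE_CSV = """\
control,artifact,collected
3.1.1,access-review-2026-01.xlsx,2026-01-15
3.1.1,access-review-2026-02.xlsx,2026-02-14
3.3.1,siem-retention-config.json,2026-02-01
3.5.3,mfa-policy-screenshot.png,2025-06-02
"""

REVIEW_DATE = date(2026, 3, 1)  # constructed date of the monthly review


def _is_yes(value: str) -> bool:
    return (value or "").strip().lower() == "yes"


def _control_key(control: str) -> tuple:
    # Sort "3.5.3" before "3.14.1" numerically rather than lexically.
    return tuple(int(part) for part in control.split("."))


def load_rows(csv_text: str) -> list:
    return list(csv.DictReader(io.StringIO(csv_text)))


def unassigned_controls(crm_csv: str) -> list:
    """Controls where neither the provider nor the customer claims responsibility."""
    return sorted((r["control"] for r in load_rows(crm_csv)
                   if not _is_yes(r["provider"]) and not _is_yes(r["customer"])),
                  key=_control_key)


def customer_evidence_gaps(crm_csv: str, evidence_csv: str, as_of: date,
                           max_age_days: int = 90) -> dict:
    """Customer-owned controls whose newest artifact is older than max_age_days or absent.

    Returns {control: age_in_days} for stale evidence and {control: None} for none on file.
    """
    latest = {}
    for row in load_rows(evidence_csv):
        collected = date.fromisoformat(row["collected"])
        if row["control"] not in latest or collected > latest[row["control"]]:
            latest[row["control"]] = collected
    gaps = {}
    for row in load_rows(crm_csv):
        if not _is_yes(row["customer"]):
            continue  # provider-owned controls are evidenced by the provider's package
        ctrl = row["control"]
        if ctrl not in latest:
            gaps[ctrl] = None
        else:
            age = (as_of - latest[ctrl]).days
            if age > max_age_days:
                gaps[ctrl] = age
    return dict(sorted(gaps.items(), key=lambda kv: _control_key(kv[0])))


if __name__ == "__main__":
    print("Unassigned controls:", unassigned_controls(CRM_CSV))
    for ctrl, age in customer_evidence_gaps(CRM_CSV, EVIDENCE_CSV, REVIEW_DATE).items():
        print(f"{ctrl}: {'no evidence on file' if age is None else f'{age} days old'}")
```

On the sample data, 3.11.2 has no owner on either side of the matrix, 3.5.3 has customer-owned evidence that is 272 days old against a 90-day expectation, and 3.14.1 is customer-owned with nothing in the repository at all. The 90-day threshold is a planning assumption; the right cadence per control is whatever the SSP says it is.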

Frequently asked questions about CMMC enclaves

Is an enclave officially recognized in the CMMC rule?

The term enclave is industry shorthand, not a formal designation in the rule text. What the rule requires is a documented scope, and the enclave pattern is the cleanest way to draw a small, defensible scope. Assessors understand the pattern and frequently prefer it because the scope is easier to walk.

How small can an enclave be?

Technically, an enclave can be a single user on a single dedicated laptop with a single cloud tenant. Practically, enclaves below five users still need the full policy stack, full log collection, and full evidence discipline, so the per-user cost is high. Most contractors find the economics improve between ten and fifty users.

Can employees have accounts in both the enclave and the commercial environment?

Yes, and many do. The trick is strict separation. Different usernames, different MFA tokens, different device enrollments, and conditional access that refuses to let enclave applications run on non-enclave devices. Users need training to understand which environment they are in at any moment.

Does an enclave reduce my cyber insurance premium?

It can, because underwriters increasingly reward documented scope limitation and modern controls. Ask your broker to quote with and without documentation of the enclave architecture and its evidence program. Outcomes vary by carrier.

What is the fastest way to kill a healthy enclave?

Allowing one exception and then normalizing it. Every successful enclave we have seen is protected by a named owner who treats the boundary as non-negotiable and who has leadership backing to say no. Without that, exceptions compound, the boundary blurs, and the next assessment finds CUI in places it should not be.

Where to go next

Review the CMMC cost breakdown to see how an enclave compares against full-org scope in your budget model, and visit the CMMC compliance services page to schedule a readiness review with a CMMC Registered Practitioner. For contractors planning to keep CUI processing on-premises for data sovereignty or cost reasons, the private AI cluster page explains how a dedicated environment can be part of your enclave rather than a cloud dependency. Pick the pattern that matches your CUI footprint, write it down, and defend the boundary every month.


About the Author

Craig Petronella, CEO and Founder of Petronella Technology Group
CEO, Founder & AI Architect, Petronella Technology Group

Craig Petronella founded Petronella Technology Group in 2002 and has spent more than 30 years working at the intersection of cybersecurity, AI, compliance, and digital forensics. He holds the CMMC Registered Practitioner credential (RP-1372) issued by the Cyber AB, is an NC Licensed Digital Forensics Examiner (License #604180-DFE), and completed MIT Professional Education programs in AI, Blockchain, and Cybersecurity. Craig also holds CompTIA Security+, CCNA, and Hyperledger certifications.

He is an Amazon #1 Best-Selling Author of 15+ books on cybersecurity and compliance, host of the Encrypted Ambition podcast (95+ episodes on Apple Podcasts, Spotify, and Amazon), and a cybersecurity keynote speaker with 200+ engagements at conferences, law firms, and corporate boardrooms. Craig serves as Contributing Editor for Cybersecurity at NC Triangle Attorney at Law Magazine and is a guest lecturer at NCCU School of Law. He has served as a digital forensics expert witness in federal and state court cases involving cybercrime, cryptocurrency fraud, SIM-swap attacks, and data breaches.

Under his leadership, Petronella Technology Group has served 2,500+ clients, maintained a zero-breach record among compliant clients, earned a BBB A+ rating every year since 2003, and been featured as a cybersecurity authority on CBS, ABC, NBC, FOX, and WRAL. The company leverages SOC 2 Type II certified platforms and specializes in AI implementation, managed cybersecurity, CMMC/HIPAA/SOC 2 compliance, and digital forensics for businesses across the United States.
