Skip to content
Two engineers in hard hats, backs to camera, facing jet engines in high-bay aerospace facility
Aerospace & Defense Manufacturing · SyteLine ERP

Defense and Regulated Manufacturers Running SyteLine — Two Paths Forward, One Trak-Suite.

If you're pursuing DoD CMMC certification, you need a different configuration than manufacturers who need document control for AS9100 or export compliance. We build both — inside SyteLine.

40+ Years as SyteLine Partner | Infor Gold Partner | 800+ Manufacturers Served

The Problem

What's Different About Defense Manufacturing — And Why Generic ERP Fails It

CMMC compliance is a contract requirement, not an IT project

DFARS and CMMC controls must be mapped to your ERP configuration — not patched on top of it after implementation. When your prime asks specific questions about your cybersecurity posture, your ERP system either has documented answers or it doesn't. Controlled Unclassified Information stored on internal file servers is the most auditable exposure point you have.

Controlled Unclassified Information lives in your ERP

CUI flows through purchase orders, work orders, and document revisions. Every access event is an audit event. Most manufacturers have CUI distributed across file servers, network drives, and shared folders — and no log of who accessed what, when, from which workstation.

Your document control isn't just about quality — it's about export

ITAR-controlled drawings, ECCN classifications, and revision history must be locked, tracked, and auditable at every transaction. A wrong revision on the shop floor isn't a quality problem — it's an export compliance event. The document control system that works for AS9100 may not be sufficient for the controls your DoD prime requires.

CMMC Level 2 — What SyteLine Covers When Configured by Lake Companies

The combined Doc-Trak DoD CMMC + Shop-Trak DoD CMMC product addresses 48 CMMC and NIST SP 800-171 requirements. Of those, 10 specific CMMC Level 2 controls are documented in detail in the Solution Mapping for Core CMMC Level 2 Requirements. The table below summarizes the alignment.

Control What it Requires How Doc-Trak / Shop-Trak DoD CMMC address it
AC.2.016 Account management Centralized via AWS IAM; temporary federated credentials via AWS STS; role-based access; flexible and auditable configuration
AC.2.017 Access enforcement / session termination RFID-based session control; lockout and blackout after inactivity; identity validation before resuming; single-session enforcement across workstations; Kiosk Mode enforcement
AC.2.018 Least privilege IAM role-specific access tied to task; time-bound credentials; real-time RFID authentication; endpoint lockdown via Kiosk Mode; cloned-device mitigation
AC.2.019 Session lock Inactivity detection and lock screen timeout; badge/fob authentication for re-entry; forced revalidation; cross-workstation session control
AC.2.020 CUI control / access limitation CUI segregation in S3 GovCloud; Doc-Trak as managed access gateway; Cloud Explorer + Document Viewer = zero data leakage paths; Kiosk Mode; two-step provisioning; audit logging and threat detection
IA.2.078 Identification and authentication / MFA Cryptographic authentication via smart card/fob; identity verification via IAM and session-specific credentials; no credential exposure to users; real-time threat detection
IA.2.079 MFA for privileged and network access System-managed federated identity with AWS IAM; temporary federated tokens via AWS STS; smart badge/fob + cryptographic authentication; controlled access to admin-level functions
SC.2.179 System and communications protection No file system or storage device access; blocked portable document endpoints; Document Viewer strict read-only; hidden document paths; credential-less access to S3 GovCloud; RFID enforcement; full audit logging
SC.2.180 System architecture / information security Complete elimination of portable storage use; access limited to secure cloud only; explicit disabling of endpoints that could leak to portable storage
AU.2.042 Audit and accountability Security Device Activity Logging; advanced filtering and analysis; controlled access to audit data; integration with document access and system control events; supports incident review and forensics

Our DoD CMMC configuration runs on Amazon S3 GovCloud — the same FedRAMP-authorized cloud infrastructure used by U.S. government agencies. Your CUI is stored in a dedicated S3 GovCloud instance isolated from every other AWS tenant. RFID smart card/fob authentication replaces phone-based MFA on the shop floor, where mobile devices would be a CMMC violation in their own right. Shop-Trak Kiosk Mode locks workstations at the OS level — no Start Menu, no File Explorer, no hot keys, no external drives, no screen capture. Doc-Trak Document Viewer opens documents read-only, blocking every common exfiltration path. When workers are running non-DoD jobs, every control is completely out of sight.

Which Products Apply to Your Path

Take the Free CMMC Readiness Assessment

Doc-Trak, Shop-Trak, Fact-Trak, and APS-ME all run inside the same SyteLine environment — no integration overhead, no separate vendor.
See the full Trak-Suite story →