Aulendur Labs — Cyber Policy Library¶
Owner: Jorden Gershenson, CTO / ISSM Classification: Internal — Aulendur Labs personnel only Frameworks: NIST SP 800-171 Rev. 3 | CMMC 2.0 Level 2 | DFARS 252.204-7012 | NIST SP 800-53 Rev. 5
Quick Links¶
| Section | Description |
|---|---|
| Status Dashboard | What's done, in-progress, and pending |
| Governance Policies | Master security policy, roles, risk, classification, acceptable use |
| Personnel & Physical | Screening, onboarding, training, physical security, remote work |
| Access & Identity | Access control, authentication, MFA, privileged access |
| NIST 800-171 R3 Crosswalk | Control-by-control coverage mapping |
About This Library¶
This is the authoritative cybersecurity policy library for Aulendur Labs, Inc., a Service-Disabled Veteran-Owned Small Business (SDVOSB) building AI/ML systems for defense, energy, logistics, and agriculture.
These policies are designed for Aulendur's current scale (~5 personnel) and technology stack (Google Workspace, GitHub, 1Password, YubiKey, Linode, Cloudflare, AWS). They are structured to satisfy CMMC 2.0 Level 2 requirements and DFARS 252.204-7012 obligations.
How to Use¶
- All personnel: Read and comply with the Acceptable Use Policy and Code of Conduct.
- New hires: Your onboarding checklist references specific policies — complete training within 10 business days.
- Policy questions: Contact the CTO/ISSM.
- Report a violation: Contact the CTO/ISSM via Slack #security-incidents.
Classification Notice
This site contains Internal information intended for Aulendur Labs personnel only. Do not share access credentials or site content with unauthorized individuals.