Can Defense Contractors Use ChatGPT Under CMMC?

Yes. A defense contractor can use AI and stay compliant. The deciding factor is where the model runs, not the AI tool you picked. Run it in the wrong place and you've handed Controlled Unclassified Information to a system you don't control.

One disclosure before the rest of this is useful. CybertronIT is a CMMC Registered Provider Organization. We get contractors ready and we run the IT that keeps them ready, and we partner with them through the process. We are not a C3PAO, so we don't conduct the assessment that grants your status. What follows is operator advice from inside the framework, not an assessor's ruling. Anything tied to a specific rule date or a specific product's authorization, confirm it against current DoD and Cyber AB guidance before you act, because this area has moved fast and keeps moving.

Here's the problem we actually run into. When we assess a prospect's environment before taking it over, we find people already using AI, and not in any planned, governed way. Someone in engineering is pasting a drawing callout or a spec into a public chatbot to clean up the wording. Someone in contracts is summarizing a flowdown clause the same way. Every one of those is a disclosure of company data to a model that may train on it, store it, or both, on infrastructure that sits well outside your assessment boundary. If any of that data was CUI, you didn't just use a tool. You created a reportable problem.

So the real question is where the inference happens, because the three places a model can run aren't equal.

A public, commercial AI service is fine for the work that never touches controlled data. Marketing copy, a first draft of a job posting, general research. The moment CUI goes into that box, it's gone, and you can't pull it back. Treat the public tools as off-limits for anything in scope, and make sure your people know the line, because right now most of them don't.

A cloud environment built to meet the DoD requirements is the middle path. Under DFARS 252.204-7012, if you use an outside cloud provider to store, process, or transmit covered defense information (CUI is the shorthand most people use for it), that provider has to be FedRAMP Moderate authorized or meet FedRAMP Moderate-equivalent requirements under DoD policy. Encryption alone doesn't get you out of that, and CMMC didn't replace the rule. It's the same requirement that's applied for years.

Be careful with the AI part here, because the old shortcut no longer holds. It used to be safe to say the government version of a tool is in scope and the commercial version isn't. That's not true anymore. Authorization now attaches to a specific service, sometimes a specific environment, and sometimes only certain features inside it. At least one mainstream commercial AI service now carries FedRAMP Moderate status, while some government versions don't include every feature. Don't assume it either way. Before any AI tool touches controlled data, confirm the exact product, environment, and feature set against current provider documentation and the FedRAMP Marketplace.

The third place is your own hardware. A private model running on a server you own, inside the 800-171 environment you already control, means the CUI never leaves your boundary. This is the option most contractors don't realize is on the table, and it's the one we know cold, because we build the servers it runs on.

Most contractors have never seen a private deployment, so here's what it actually looks like. Someone on your team asks the model a question, the same way they would a public chatbot. The difference is that the model answering runs on a server in your own rack, inside the same environment your controlled data already lives in. The question, the files it pulls from, the record of who asked what, and the answer that comes back all stay inside that boundary. Nothing gets shipped out to be processed somewhere else, because there is no somewhere else. Everything happens within the boundary you're already responsible for.

Here's the part people get wrong about that last option. Putting the model on-prem doesn't make you compliant by itself. The second that GPU server processes CUI, it joins your assessment boundary like any other system. It inherits the same access control, the same audit logging, and the same configuration management as every other box that touches controlled data. On-prem gets you control. It doesn't get you a free pass on the controls. We'd rather you hear that from us now than from an assessor later.

This is where our experience runs deeper than most of the firms writing about AI right now. We don't only advise on this. We manufacture PCs and servers on our own line, which means sizing a private model is a conversation we have from the build side. Sizing one comes down to four questions. How many people will use it, which model needs to run, how fast the answers have to come back, and how much data it has to work through. Those answers are what decide whether you're looking at a single workstation under a desk, one dedicated AI server, or a multi-GPU setup in the rack. The ceiling on all of it is VRAM. A small model that cleans up documents needs a fraction of what a larger reasoning model needs, and guessing wrong means you either overspend on hardware you didn't need or buy a box that chokes on the workload. Very few companies in this market sit at the intersection of the compliance framework, the manufacturing line, and the GPU supply chain. That's the seat we're in, and it's why we can tell you what a private deployment takes to stand up rather than describe it in the abstract.

The honest read for most suppliers in the defense base is that this isn't an either/or. You use AI and protect CUI at the same time, as long as you decide, per workload, which of the three places it runs. Some of your work belongs on a public tool. Some belongs in a government cloud. The work that touches your most sensitive controlled data probably belongs on a private model in a boundary you own. Mapping that out takes a couple of hours, and it costs far less than cleaning up a disclosure.

One more thing worth saying plainly, because it shapes how we work. We don't take on CMMC readiness as a standalone project while another firm runs your IT. The system security plan and the live systems have to be on the same team or the documentation drifts from reality the day after it's written, and AI infrastructure widens that gap rather than closing it. Readiness and the Managed IT behind it are one engagement. If you already have an MSP, that's a real conversation about timing and whether the contracts at stake justify a switch, not a reason to bolt compliance onto a setup that won't hold it.

If AI is already in your environment, or you know your people are using it and you'd rather get ahead of it, book a working session with us. We'll map your actual AI use against your CUI boundary, flag what's exposed right now, and lay out what a compliant setup looks like for the way you work.

Frequently asked questions

1. Can I use ChatGPT or a commercial AI assistant if my company handles CUI?

It depends on the exact service, not on whether it's labeled commercial or government. A public, consumer chatbot is a no for anything that is or contains CUI, because you're handing controlled data to a system outside your boundary. Some commercial AI services now carry FedRAMP Moderate authorization or equivalent and can be a compliant path when they're configured for it, and some government versions don't include every feature. The rule that holds up is to confirm the specific product, environment, and feature against current provider documentation before any controlled data goes near it.

2. Does running AI on our own server make us CMMC compliant?

No. On-prem keeps the data inside a boundary you control, which is the hard part, but the GPU server itself becomes part of your assessment boundary the moment it processes CUI. It has to meet the same 800-171 controls as the rest of your environment, including access control, audit logging, and configuration management. On-prem buys you control, not automatic compliance.

3. What CMMC level applies if our AI touches CUI?

CUI puts you in Level 2 territory, which aligns with NIST SP 800-171 and its 110 controls. Whether your contract requires a self-assessment or a third-party assessment by a C3PAO depends on the contract. Federal Contract Information without CUI is a lighter Level 1 question. Confirm your specific obligation against current DoD and Cyber AB guidance.

4. Can CybertronIT handle the AI and compliance piece if we already have an IT provider?

We bundle CMMC readiness with Managed IT rather than running it alongside another firm's IT, because the documentation and the live systems have to be operated by the same team or they drift apart fast. If you already have an MSP, the starting point is a conversation about timing and whether the contracts at stake justify a switch.

5. Do you certify our CMMC compliance?

No. We're a Registered Provider Organization, which means we prepare you and partner with you through the process. The certifying assessment is conducted by a C3PAO, which is a separate, independent role. Keeping that line clear is part of knowing the framework.