The National Institute of Standards and Technology (NIST) Special Publication 800-171 Protecting Covered Defense Information (CDI) in Nonfederal Systems and Organizations, otherwise known as DFARS, outlines 14 families of security requirements for protecting the confidentiality of CDI you must meet in order to continue providing services and products to large defense organizations such as the Department of Defense.
Within those 14 families, there are 110 controls you must address. Security information and event management (SIEM), multi-factor authentication, and encryption of all data (at rest and in transit) are mandatory, as well as written policies for your security procedures and protocol.
US Cloud is NIST compliant and has an experienced team to help you craft an entire data security program integral to securing your most important information.
US Cloud data centers follow the standards set by NIST, which is a non-regulatory US Government agency in the Department of Commerce. NIST’s mission is simple yet powerful: support and develop measurement standards and technology in order to improve efficiency, facilitate trade, and enhance quality of life.
There are four reasons why NIST Compliance is important:
Organizations are facing blind spots in their network defenses by having a lack of network security knowledge and a lack of people with network security skills. In a recent report by Price Waterhouse Cooper the average number of security incidents increased 38% last year. And the impact of security incidents with intellectual property being stolen increased 56%.
By complying with DFARS, every organization that does business with the federal government needs to validate the level of security on its network resources by performing a security audit. DFARS supplies the controls in 800-171 to analyze any gaps that need to be addressed.
The objectives are to:
In working with our customers, we’re finding that most are compliant with about half of the 110 controls necessary to meet NIST 800-171. It seems like a lot of controls, but becoming compliant isn’t just good for your company, it’s also good for your bottom line.
US Cloud’s Managed Security services are ready to work with you to safeguard your network and clouds, meeting the DFARS mandate: