What is NIST SP 800-171 and What Role Does it Play in Defense Contracting Compliance?

NIST 800-171 featured

The document library of the NIST website can be daunting and seemingly endless in terms of the various frameworks, controls and requirements that it provides. The 800 series, in particular, while important and, in many cases, necessary, is also hard to penetrate if you don’t already have some knowledge of what it contains. This can provide a challenge for organizations working with the DoD supply chain, especially those handling classified or sensitive material. 

In this article, we’ll cover one of these publications: NIST 800-171. This document defines security for a specific form of government information that many contractors under the executive or defense departments: CUI. While important on its own, this document also informs several important security frameworks, namely CMMC.

 

Read More

What are Enclaves and Why Are They Important for Handling CUI?

Security enclave featured

One of our country’s more important assets is its information. The U.S. IT infrastructure carries private information covering things like financial information, private information, defense and military information or information that is critical to the operation of government agencies. Some information is classified, and some, while not deemed sensitive enough to classify, are protected as Controlled Unclassified Information, or CUI.

CUI is protected under government regulation, which means that if your business wants to work with federal or defense agencies, it must meet regulations to participate. 

Read More