NIST 800-171 Compliance for Government Contractors

Download Solution Brief

Overview

On December 30, 2015, the U.S. Department of Defense (DOD) published a three-page interim rule to the Defense Federal Acquisition Regulation Supplement (DFARS) that gives government contractors a deadline of December 31, 2017 to implement the requirements of the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171.

These requirements protect the confidentiality of Controlled Unclassified Information (CUI) in non-federal systems and organizations. If you are a government contractor, failure to meet these requirements will result in the loss of your contracts.

The federal government is placing an ever-increasing emphasis on addressing cybersecurity threats. Any organization doing business with the federal government should expect these types of requirements to continue to evolve and intensify.

What does this mean for you?

As of January 1, 2018, government contractors are expected to have implemented the requirements of NIST 800-171. If an audit determines a failure to meet the requirements of NIST 800-171, consequences may include criminal, civil, administrative, or contract penalties – including termination of contracts.

Download our NIST 800-171 Solution Brief for help before you face your next audit.

Free Webcast

What are the requirements?

NIST has 14 sections broken down into 110 required controls. Organizations can implement a variety of potential security solutions, either directly or through the use of managed services, to satisfy the requirements.

  • Access Control
  • Awareness and Training
  • Auditing and Accountability
  • Configuration Management
  • Identification and Authentication
  • Incident Response
  • Maintenance
  • Media Protection
  • Personnel Security
  • Physical Protection
  • Risk Assessment
  • Security Assessment
  • System and Communication Protection
  • System and Information Integrity

How can EventTracker help?

More than 20 of the top 100 defense contractors have already trusted EventTracker to ensure their IT processes meet or exceed the NIST 800-171 requirements because we offer pre-defined and customized reports, rules and dashboards to help meet the security controls detailed within the NIST requirement. The solution at the core of our NIST compliance package is EventTracker Log Manager. It’s designed to deliver the protection and compliance you need, with zero-impact on end-users. Plus it’s easily scalable since no hardware is needed to implement. Here are just a few examples of how it can help you meet the specific requirements of NIST 800-171:

Requirement AC-7 – Unsuccessful Login Attempts

EventTracker collects all authentication activities which get generated in the system. EventTracker reports provide easy and standard review of unsuccessful login attempts to systems and applications. EventTracker alerts can detect & report on multiple unsuccessful login attempts.

Requirement CM-4 – Monitoring Configuration Changes

EventTracker’s monitoring capability can be used to detect the following changes to the file system:

  • Additions
  • Deletions
  • Modifications
  • Permissions

EventTracker analysis & reporting capabilities can be used for monitoring configuration changes. EventTracker alerting can be utilized to detect and notify of changes to specific configurations.

Requirement IA-3 – Device Identification and Authentication The information system uniquely identifies and authenticates before establishing a connection.

EventTracker provides support for NIST 800-171 control requirements IA-3 by collecting and analyzing all authentication logs. EventTracker provide alerting on vendor default account authentications. EventTracker investigations, reports, and tails provide evidence of all account authentication activity including those from vendor default accounts.

Requirement AU-6 – Audit Monitoring, Analysis, and Reporting

EventTracker provides centralized monitoring, analysis, and reporting of audit activity across the entire IT infrastructure. EventTracker automates the process of identifying high-risk activity and prioritizes based on asset risk. High-risk activity can be monitored in real-time or alerted on. EventTracker reports provide easy and standard review of inappropriate, unusual, and suspicious activity.

Requirement CA-7 – Continuous Monitoring

EventTracker’s monitoring, analysis, and reporting capabilities provide for continuous monitoring of specific controls across the IT infrastructure. For instance, EventTracker alerts can detect the use of restricted accounts.

Download our NIST 800-171 Solution Brief

Complete overview of each NIST 800-171 requirement, and how they map to the EventTracker solution.

Are you a Managed Service Provider or Reseller?

NOTE: Your solution brief will be sent to the email address you provide.