NIST 800-171 Compliance

NIST 800-171 Compliance

National Institute of Standards and Technology's (NIST) Special Publication (SP) 800-171 outlines cybersecurity-related requirements government contractors. The U.S. Department of Defense (DOD) published a three-page interim rule to the Defense Federal Acquisition Regulation Supplement (DFARS) that took effect for any contracts originating after December 31, 2017.

These requirements protect the confidentiality of Controlled Unclassified Information (CUI) in non-federal systems and organizations. If you are a government contractor, failure to meet these requirements will result in the loss of your contracts.

The federal government is placing an ever-increasing emphasis on addressing cybersecurity threats. Any organization doing business with the federal government should expect these types of requirements to continue to evolve and intensify.

Curious where you stand with NIST Compliance?

As of January 1, 2018, government contractors are expected to have implemented the requirements of NIST 800-171. If an audit determines a failure to meet the requirements of NIST 800-171, consequences may include criminal, civil, administrative, or contract penalties – including termination of contracts.

Take our NIST 800-171 compliance quiz to better understand if you’re compliant.

NIST 800-171

What are the requirements?

NIST has 14 sections broken down into 110 required controls. Organizations can implement a variety of potential security solutions, either directly or through the use of managed services, to satisfy the requirements.

  • Access Control
  • Awareness and Training
  • Auditing and Accountability
  • Configuration Management
  • Identification and Authentication
  • Incident Response
  • Maintenance
  • Media Protection
  • Personnel Security
  • Physical Protection
  • Risk Assessment
  • Security Assessment
  • System and Communication Protection
  • System and Information Integrity

How can Netsurion help?

More than 20 of the top 100 defense contractors have already trusted Netsurion to ensure their IT processes meet or exceed the NIST 800-171 requirements because we offer pre-defined and customized reports, rules and dashboards to help meet the security controls detailed within the NIST requirement. The solution at the core of our NIST compliance package is EventTracker Log Management. It’s designed to deliver the protection and compliance you need, with zero-impact on end-users. Plus it’s easily scalable since no hardware is needed to implement.
Here are just a few examples of how it can help you meet the specific requirements of NIST 800-171:

Requirement AC-7 – Unsuccessful Login Attempts

EventTracker collects all authentication activities which get generated in the system. EventTracker reports provide easy and standard review of unsuccessful login attempts to systems and applications. EventTracker alerts can detect & report on multiple unsuccessful login attempts.

Requirement CA-7 – Continuous Monitoring

EventTracker’s monitoring, analysis, and reporting capabilities provide for continuous monitoring of specific controls across the IT infrastructure. For instance, EventTracker alerts can detect the use of restricted accounts.

Requirement IA-3 – Device Identification and Authentication The information system uniquely identifies and authenticates before establishing a connection.

EventTracker provides support for NIST 800-171 control requirements IA-3 by collecting and analyzing all authentication logs. EventTracker provide alerting on vendor default account authentications. EventTracker investigations, reports, and tails provide evidence of all account authentication activity including those from vendor default accounts.

Requirement AU-6 – Audit Monitoring, Analysis, and Reporting

EventTracker provides centralized monitoring, analysis, and reporting of audit activity across the entire IT infrastructure. EventTracker automates the process of identifying high-risk activity and prioritizes based on asset risk. High-risk activity can be monitored in real-time or alerted on. EventTracker reports provide easy and standard review of inappropriate, unusual, and suspicious activity.

Requirement CM-4 – Monitoring Configuration Changes

EventTracker’s monitoring capability can be used to detect the following changes to the file system:

  • Additions
  • Deletions
  • Modifications
  • Permissions

EventTracker analysis & reporting capabilities can be used for monitoring configuration changes. EventTracker alerting can be utilized to detect and notify of changes to specific configurations.

Not Sure where to begin?

We will help you understand how to achieve and maintain NIST 800-171 compliance.

Contact Us