Protecting controlled unclassified information in nonfederal systems and organizations

Ross, Ron; Pillitteri, Victoria; Dempsey, Kelley; Riddle, Mark A.; Guissanie, Gary

doi:10.6028/nist.sp.800-171r2

“…Reference Document (e.g., NIST SP 800-171 [8]) and create an Informative Reference to the Cybersecurity Framework.…”

Section: Reference Developermentioning

confidence: 99%

“…The examples below are extended explanations of the Relationships described in Section 3.2.5. The 779 examples were taken from NIST SP 800-171, and all Reference Document elements are referenced 780 as described in that publication [8]. All Cybersecurity Framework element examples are taken from 781 version 1.1 of the Cybersecurity Framework [4].…”

mentioning

confidence: 99%

National Cybersecurity Online Informative References (OLIR) Program

Barrett¹,

Keller²,

Quinn³

et al. 2020

Preprint

View full text Add to dashboard Cite

There may be references in this publication to other publications currently under development by NIST in accordance with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, may be used by federal agencies even before the completion of such companion publications. Thus, until each publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For planning and transition purposes, federal agencies may wish to closely follow the development of these new publications by NIST. Organizations are encouraged to review all draft publications during public comment periods and provide feedback to NIST. Many NIST cybersecurity publications, other than the ones noted above, are available at https://csrc.nist.gov/publications.

show abstract

“…In many regards, physical security requirements for storage infrastructure are identical to those of other infrastructure elements like computers and network equipment (e.g., facility security, surveillance, transportation, etc.). These are well covered by multiple publications, including NIST SP 800-53 [28], Rev5 [NIST SP 800-171 [34]. Additional valuable discussion regarding media disposal and destruction is available in ISO 27040 ( [10]), and NIST SP 800-88 Rev.…”

Section: Physical Storage Securitymentioning

confidence: 99%

Security Guidelines for Storage Infrastructure

Chandramouli¹,

Pinhas²

2020

View full text Add to dashboard Cite

This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. This publication may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright in the United States. Attribution would, however, be appreciated by NIST.

show abstract

“…In many regards, physical security requirements for storage infrastructure are identical to those of other infrastructure elements like computers and network equipment (e.g., facility security, surveillance, transportation, etc.). These are well covered by multiple publications, including NIST SP 800-171 [34]. Additional valuable discussion regarding media disposal and destruction is available in ISO 27040 ( [10]).…”

Section: Physical Storage Securitymentioning

confidence: 99%

Security Guidelines for Storage Infrastructure

Chandramouli¹,

Pinhas²

2020

Preprint

0

View full text Add to dashboard Cite

This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. This publication may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright in the United States. Attribution would, however, be appreciated by NIST.

show abstract

Protecting controlled unclassified information in nonfederal systems and organizations

Cited by 41 publications

References 31 publications

National Cybersecurity Online Informative References (OLIR) Program

National Cybersecurity Online Informative References (OLIR) Program

Security Guidelines for Storage Infrastructure

Security Guidelines for Storage Infrastructure

Contact Info

Product

Resources

About