Call Us Today! (256) 704-0234 |solutions@techni-core.com

NIST 800-171

|Tag: NIST 800-171

Why Most Contractors Won’t be Compliant by the Deadline

Many defense contractors have ignored this regulation until they (1) received something from their prime inquiring about their compliance status, or (2) they received a modification to their current prime or subcontract with the DFARS 252.204-7012 compliance requirement contained in the solicitation requirements. We don't blame them for wanting their prime, or the government, to prove that this requirement applied to their company, but no matter when or how the requirement was enforced, the deadline for [...]

By |2018-06-01T21:13:40-05:00November 2nd, 2017|Techni-Core Blog|0 Comments

PRESS RELEASE: We have released a second publication!

FOR IMMEDIATE RELEASE  Techni-Core has released the second publication! Huntsville, AL - 25 April 2017 25 April 2017 - Techni-Core has published a second book, "DFARS UCTI Compliance Quick Start Guide for DFARS 252.204-7012, FAR 52.204-21, and NIST 800-171." In this guide, the writers discuss the DFARS 7012 regulation, NIST 800-171 industry best practices contractors are required to implement, and the path to reaching full compliance. Readers will gain an understanding of the time involved in the compliance process [...]

By |2018-06-02T16:53:13-05:00April 26th, 2017|Techni-Core Blog|0 Comments

NFO Controls – “What you Should be Doing Anyway”

In August 2015, NIST 800-171 listed 62 Non-Federal Organization or NFO controls as "expected." Think of NFO as the controls you should already have in place. The additional 62 NIST controls marked "NFO," are not part of the "mandatory minimum." The Government expects them to be satisfied as part of your existing security policy. NFO items include controls covering every NIST category from Access Controls to Systems and Information Integrity -- they also include [...]

By |2018-06-02T16:55:04-05:00March 9th, 2017|Techni-Core Blog|0 Comments

Continuous Monitoring for Peace of Mind

Continuous Monitoring is a piece of the NIST 800-171 rule that frequently gets overlooked as a requirement. There are many reasons for this, but the most frequent is that most companies think, once the security controls are implemented they are compliant. That's not the case. DFARS 252.204-7012 (Implementing NIST 800-171) as well as FAR 52.204-21, once the security controls are implemented, must be maintained. Continuous Monitoring enables information security professionals to see a continuous [...]

By |2018-06-02T16:59:30-05:00March 2nd, 2017|Techni-Core Blog|0 Comments

2-Factor Authentication and Why it’s Important

If you've been involved in the DFARS 252.204-7012 (Implementing NIST 800-171) process you've seen the wording in the regulation requiring a second layer of defense for your systems -- 2-Factor Authentication or Multi-Factor Authentication (you will see it presented either way, but they are the same thing). Multi-Factor Authentication (MFA) is one of the requirements imposed by  DFARS 252.204-7012 via NIST SP 800-171.  This requirement is familiar to the government network computer users but [...]

By |2018-06-02T17:12:46-05:00February 28th, 2017|Techni-Core Blog|0 Comments

“What Classifies as UCTI?”

DFARS 252.204-7012 (Implementing NIST 800-171) is a hefty regulation to wade through on your own. That's what we're here for! Let's start with the first question burning in your mind, "What is UCTI?" There are two terms thrown around that are synonymous with contact-sensitive, but unclassified information -- UCTI (Unclassified Controlled Technical Information) & CUI (Controlled Unclassified Information). Whether the contact-sensitive information is at rest in your network (data stored in files, databases, emails, [...]

By |2018-06-02T17:16:02-05:00February 27th, 2017|Techni-Core Blog|0 Comments

NIST 800-171 Deadline Extension

The deadline for NIST 800-171 has been extended to 12/31/2017. This will give contractors more time to take the necessary steps to ensure their information is adequately protected and compliant with government standards. If Unclassified Controlled Technical Information (UCTI) resides on or transits through your information systems (whether you are a contractor or subcontractor), then you are subject to the DFARS Rule. Bottom Line: If you're a Defense Contractor this regulation (and all following changes and extensions) [...]

By |2018-06-02T17:35:14-05:00January 26th, 2016|Techni-Core Blog|0 Comments