Call Us Today! (256) 704-0234 |solutions@techni-core.com

NIST

|Tag: NIST

Government Cloud Hosting

Migrate to the Cloud with Existing On-Premise Assets More and more businesses are shifting their infrastructure to the cloud and away from on-premises environments.  There are many reasons for this sudden shift, all of which are mentioned above, but most important are extremely high resource availability (especially when pertaining to continuity of operations), immediate disaster recovery ability, and connectivity of end users to enable the ability of employees to access critical company resources [...]

By |2018-09-05T18:14:11+00:00March 26th, 2018|Comments Off on Government Cloud Hosting

Why Most Contractors Won’t be Compliant by the Deadline

Many defense contractors have ignored this regulation until they (1) received something from their prime inquiring about their compliance status, or (2) they received a modification to their current prime or subcontract with the DFARS 252.204-7012 compliance requirement contained in the solicitation requirements. We don't blame them for wanting their prime, or the government, to prove that this requirement applied to their company, but no matter when or how the requirement was enforced, the deadline for [...]

By |2018-06-01T21:13:40+00:00November 2nd, 2017|Techni-Core Blog|0 Comments

PRESS RELEASE: We have released a second publication!

FOR IMMEDIATE RELEASE  Techni-Core has released the second publication! Huntsville, AL - 25 April 2017 25 April 2017 - Techni-Core has published a second book, "DFARS UCTI Compliance Quick Start Guide for DFARS 252.204-7012, FAR 52.204-21, and NIST 800-171." In this guide, the writers discuss the DFARS 7012 regulation, NIST 800-171 industry best practices contractors are required to implement, and the path to reaching full compliance. Readers will gain an understanding of the time involved in the compliance process [...]

By |2018-06-02T16:53:13+00:00April 26th, 2017|Techni-Core Blog|0 Comments

NFO Controls – “What you Should be Doing Anyway”

In August 2015, NIST 800-171 listed 62 Non-Federal Organization or NFO controls as "expected." Think of NFO as the controls you should already have in place. The additional 62 NIST controls marked "NFO," are not part of the "mandatory minimum." The Government expects them to be satisfied as part of your existing security policy. NFO items include controls covering every NIST category from Access Controls to Systems and Information Integrity -- they also include [...]

By |2018-06-02T16:55:04+00:00March 9th, 2017|Techni-Core Blog|0 Comments

Continuous Monitoring for Peace of Mind

Continuous Monitoring is a piece of the NIST 800-171 rule that frequently gets overlooked as a requirement. There are many reasons for this, but the most frequent is that most companies think, once the security controls are implemented they are compliant. That's not the case. DFARS 252.204-7012 (Implementing NIST 800-171) as well as FAR 52.204-21, once the security controls are implemented, must be maintained. Continuous Monitoring enables information security professionals to see a continuous [...]

By |2018-06-02T16:59:30+00:00March 2nd, 2017|Techni-Core Blog|0 Comments

2-Factor Authentication and Why it’s Important

If you've been involved in the DFARS 252.204-7012 (Implementing NIST 800-171) process you've seen the wording in the regulation requiring a second layer of defense for your systems -- 2-Factor Authentication or Multi-Factor Authentication (you will see it presented either way, but they are the same thing). Multi-Factor Authentication (MFA) is one of the requirements imposed by  DFARS 252.204-7012 via NIST SP 800-171.  This requirement is familiar to the government network computer users but [...]

By |2018-06-02T17:12:46+00:00February 28th, 2017|Techni-Core Blog|0 Comments

“What Classifies as UCTI?”

DFARS 252.204-7012 (Implementing NIST 800-171) is a hefty regulation to wade through on your own. That's what we're here for! Let's start with the first question burning in your mind, "What is UCTI?" There are two terms thrown around that are synonymous with contact-sensitive, but unclassified information -- UCTI (Unclassified Controlled Technical Information) & CUI (Controlled Unclassified Information). Whether the contact-sensitive information is at rest in your network (data stored in files, databases, emails, [...]

By |2018-06-02T17:16:02+00:00February 27th, 2017|Techni-Core Blog|0 Comments

Updated NIST Guidelines on Password Policies

Recently, we found a very worthwhile article explaining the NIST Guidelines regarding passwords. Here are a few excerpts from the article that we found especially useful. The link to the full article is below. Let's start with what's new and what you should do in the world of the NIST password guidelines: "Size matters. At least is does when it comes to passwords. NIST's new guidelines say you need a minimum of 8 characters. [...]

By |2018-06-02T17:53:08+00:00September 13th, 2016|Techni-Core Blog|0 Comments