800-171

NISt 800-171 3.13.10 Establish and manage cryptographic keys for cryptography employed in organizational systems.
Description: Cryptographic key management and establishment can be performed using manual procedures or mechanisms supported by manual procedures. Organiza...
Tue, 11 Jul, 2023 at 5:11 AM
NIST 800-171 3.1.18 Control connection of mobile devices.
Description:  A mobile device is a computing device that has a small form factor such that it can easily be carried by a single individual; is designed to ...
Tue, 11 Jul, 2023 at 2:08 AM
NIST 800-171 3.13.9 Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity.
Description: This requirement applies to internal and external networks. Terminating network connections associated with communications sessions include de...
Tue, 11 Jul, 2023 at 5:19 AM
NIST 800-171 3.1.19 Encrypt CUI on mobile devices and mobile computing platforms.[23]
Description:  Organizations can employ full-device encryption or container-based encryption to protect the confidentiality of CUI on mobile devices and com...
Tue, 11 Jul, 2023 at 3:16 AM
NIST 800-171 3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.
Description: This requirement applies to internal and external networks and any system components that can transmit information including servers, notebook...
Tue, 11 Jul, 2023 at 5:26 AM
NIST 800-171 3.13.7 Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling).
Description: Split tunneling might be desirable by remote users to communicate with local system resources such as printers or file servers. However, split...
Tue, 11 Jul, 2023 at 5:30 AM
NIST 800-171 3.1.20 Verify and control/limit connections to and use of external systems.
Description:  External systems are systems or components of systems for which organizations typically have no direct supervision and authority over the app...
Tue, 11 Jul, 2023 at 3:23 AM
NIST 800-171 3.13.6 Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Description: This requirement applies to inbound and outbound network communications traffic at the system boundary and at identified points within the sys...
Tue, 11 Jul, 2023 at 5:36 AM
NIST 800-171 3.1.21 Limit use of portable storage devices on external systems.
Description:   Limits on the use of organization-controlled portable storage devices in external systems include complete prohibition of the use of such de...
Tue, 11 Jul, 2023 at 3:28 AM
NIST 800-171 3.1.22 Control CUI posted or processed on publicly accessible systems.
Description:   In accordance with laws, Executive Orders, directives, policies, regulations, or standards, the public is not authorized access to nonpublic...
Tue, 11 Jul, 2023 at 3:36 AM