DoD’s Interim Rule Seeks to Extend Contractors’ Compliance With NIST Cloud Security Requirements

cloudThe Defense Department has released a draft regulation that seeks to amend the Defense Federal Acquisition Regulation Supplement in an effort to provide additional time for contractors to comply with the National Institute of Standards and Technology’s security requirements for cloud services.

DoD said in a Dec. 30, 2015 notice posted on Federal Register that defense contractors have until Dec. 31, 2017 to comply with security provisions stipulated in NIST’s Special Publication 800-171.

The NIST publication contains requirements for contractors on how to protect sensitive data stored in contractors’ information networks and systems.

The department will also require contractors to inform DoD’s chief information officer of any NIST provisions that were not implemented within one month of contract award, according to the interim rule.

Comments on the proposed rule are due Feb. 29, according to the notice.

Check Also


DoD Uses Commercial Tech for Early Coronavirus Detection

The Defense Threat Reduction Agency (DTRA) partnered with the Defense Innovation Unit to use a commercial, wearable infection warning device for COVID-19 spread reduction, DoD News reported Tuesday. The device, named Rapid Analysis of Threat Exposure, is designed to alert about the virus' presence in the wearer before he or she exhibits symptoms.

Leave a Reply

Your email address will not be published. Required fields are marked *