NIST Releases Guidance for Securing Unclassified Data in Nonfederal Systems

The National Institute of Standards and Technology has issued its guidance on ensuring the security of government information housed in systems not owned and operated by federal entities.

The guidance, titled “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”, includes security recommendations for agencies seeking to ensure the confidentiality of CUI in systems that don’t operate under government oversight.

NIST noted that the guidance may be used to inform the development of requirements in contract vehicles and other agreements with commercial entities. Technologies covered by the guidance include components of nonfederal platforms that process CUI or provide protection for such data. 

According to the agency, protection of CUI is “of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential missions and functions.”

You may also be interested in...


GAO: DOD Should Fill Gaps in Small Business Strategy

The Government Accountability Office (GAO) advises the Department of Defense (DOD) to develop an implementation plan, policy and a formal monitoring process for the DOD Small Business Strategy. Congress, in 2019, tasked DOD to create a strategy that will guide how the department handles small business programs, GAO said Thursday.