On June 19, 2015, the National Institute of Standards and Technology (“NIST”) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal systems.
The guidelines, Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, apply to nonfederal information systems and organizations that process, store, or transmit federal controlled unclassified information (CUI) and match the guidelines published for public comment last fall.
The new guidance is step two in a three-part plan with the National Archives and Records Administration (NARA) to ensure the confidentiality of sensitive federal information no matter where it is stored. As data breaches continue to make near-daily news, federal contractors not using the “recommendations” laid out in SP 800-171 would be wise to take another look, as they contain, more than ever, the Government’s express expectations of how it wants its information protected.
Keep reading this article at: http://www.mondaq.com/article.asp?articleid=408096