NIST-800 Compliance is a standard for information security to all external organizations working in concert with federal branches of government. NIST compliance ensures that necessary protocols are in place to monitor, restrict access, and prevent the loss of Controlled Unclassified Information (or CUI).
A small Florida Manufacturing Firm manufacture CNC close tolerance machined parts, custom components, and assemblies for the defense sector. Given the sensitive nature of the parts being manufactured, it was vital that communications and manufacturing specifications were secure while organizational infrastructure was put in place and maintained to NIST Compliance.
ITonDemand was already providing our CORE solution for the firm. In addition, we were providing them with all hardware, software, email, and even file sharing. With this existing relationship in place, we offered our Security+ which provided the necessary measures to prepare for NIST Compliance certification.
Following a 110 point checklist, the team at ITonDemand either confirmed or applied compliance standards across fourteen families of security requirements to protect the valuable work being done.
Hardware and software can be replaced. Data cannot. For effective incident response, ITonDemand gathers events from log files, monitoring tools, error messages, intrusion detection systems, and firewalls to detect and determine incidents and their scope. ITonDemand then mitigates and responds to any incidents that may occur.
System and Communications Protection
Communications is the greatest vulnerability. To protect the manufacturing firm, we impose role-based security, separate privileged and non-privileged access, lock down access into their network from the outside, provide employee security training, and a myriad of other prevention standards.
Other Articles You Might Be Interested In:
In Late July, we covered a cybersecurity incident where hackers gained access to government emails. The cause was a Microsoft cloud breach that used a stolen authentication key. At the time, only 25 organizations were thought to be impacted, including some Western...
When it comes to cybersecurity, it’s a matter of when not if a cyber threat targets your business. Every industry is impacted, with healthcare alone seeing a 74% increase in weekly attacks compared to 2021. Not every type of risk is obvious, either. Whether it’s a...