National Institute of Standards and Technology (NIST) has published draft recommendations aimed at securing the confidentiality of sensitive federal information located within non-federal entities’ information technology systems. Draft Special Publication 800-171 includes draft recommendations intended to secure all “controlled unclassified information (CUI)” for non-federal entities doing business with, or for, the federal government. CUI includes personally identifiable data, financial information, medical records and other sensitive data.
Many of the recommendations are currently in use on a voluntary and limited basis. Requiring the additional security measures could directly affect thousands of contractors, related businesses, universities and nonprofits conducting business with or research for, the federal government.
Deadline for submitting public comments on Draft Special Publication 800-171 is January 16, 2015. Find Draft Special Publication here.
