Avecto has assisted many global clients to meet the requirements of DFARS NIST 800-171. Read on to find out how Avecto’s Defendpoint software secures your endpoints through integrated privilege management and application control technology.
Department of Defense (DoD) contractors and subcontractors must meet Defense Federal Acquisition Regulation Supplement (DFARS) compliance rules before the end of 2017.
Changes to DFARS requires contractors to meet the mandatory security standards outlined in National Institute of Standards and Technology (NIST) Special Publication 800-171: Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.
The US government legislation intends to safeguard 'controlled unclassified information' (CUI) against the growing cyber security threats, requiring affected organizations will need to act to adequately protect their processes, systems and contracts.
CUI is classified as "information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies".
Those who fail to comply will likely lose government contracts, whereas organizations able to demonstrate compliance at an early stage may be in a better position to secure additional wins.
Government contractors and subcontractors are required by DFARS 252.204-7008 to comply with the 14 control families of the NIST SP 800-171 by December 2017:
Awareness and training
Audit and accountability*
Identification and authentication
System and communications protection
System and information integrity*