Insights on NIST 800-53

Cloud, NIST 800-53

NIST Releases Public Draft SP800-53 Addressing Cybersecurity Threats & Privacy Controls

By InfoLawGroup LLP on February 29, 2012

Yesterday the National Institute of Standards and Technology (NIST) released the 4th revision of its "Security and Privacy Controls for Federal Information Systems and Organizations." Despite the long title it will ultimately be a mainstay reference for federal agencies required to comply with provisions of the Federal Information Security Management Act (FISMA) and FIPS 200. As a result it should have a significant affect on cloud security practices effecting commercial non-governmental cloud usage.

256-bit key, AES, assymetric cryptography, data at rest, DES, file encryption, FIPS 197, FIPS 200, hardward-based encryption, mobile encryption, NIST, NIST 800-53, OMB, OMB M-07-16, PKI, RSA Security, software disk encryption

Code or Clear? Encryption Requirements (Part 4)

By W. Scott Blackmer on October 04, 2009

In other posts, I talked about the trend toward more prescriptive encryption requirements in laws and regulations governing certain categories of personal data and other protected information. Here's an overview of the standards and related products available for safe (and legally defensible) handling of protected data.