NIST Special Publication 800-171 provides guidelines to protect controlled unclassified information in nonfederal information systems and organizations.
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. The Special Publication 800-series reports on ITL’s research, guidelines, and outreach efforts in information systems security and its collaborative activities with industry, government, and academic organizations.
The protection of Controlled Unclassified Information (CUI) while residing in nonfederal information systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully carry out its designated missions and business operations. The NIST.SP.800-171 publication provides federal agencies with recommended requirements for protecting the confidentiality of CUI.
Various government agencies refer to NIST.SP.800-171 when describing security requirements for non-government partners and subcontractors. For example, as of December 2015, the Defense Federal Acquisition Regulation Supplement (DFARS 225.204-7012) requires contractors to implement NIST Special Publication (SP) 800-171 standards “as soon as practical, but not later than December 31, 2017.”
About Xton Access Manager
Xton Access Manager (XTAM) is an agentless, cross-platform privileged access management solution with an unlimited licensing model, built from the ground up with an enterprise feature set. It is simple to implement, without the typical enterprise cost and effort.
A privileged account is a non-individual, often shared, user account frequently used by machines or by administrators to perform maintenance activities. Examples of such accounts include:
- Accounts used by machines to communicate between each other;
- Accounts shared by groups of people (external billing, corporate representatives);
- Accounts for Database Administrators, database schema, application pool owners, global administrators;
- Local computer accounts (root, administrator, tomcat, jenkins, jira);
- Built-in IoT accounts (sensors, printers, routers, coffee machines, cameras, beacons).
XTAM provides out-of-the-box features to discover, manage, access and monitor privileged accounts:
- A secure AES-256 encrypted Identity Vault to maintain total administrative control over all your passwords, certificates, keys, files, secrets and privileged accounts.
- Privileged Session Recording to ensure all sessions are retained and can be used for diagnosis or forensic investigations.
- Integrated Job and Policy Engine to automate Password Resets, Privileged Account Discovery and repetitive tasks.
- Full system event and user Audit Trails that can trigger notifications and in-application alerts.
Recommended XTAM Workflow
XTAM supports multiple use cases and can be used as part of several security and productivity enhancement workflows. To help organizations comply with NIST.SP.800-171 requirements, we recommend the following workflow.

| Step | Description |
|---|---|
| Discover | Discover privileged accounts in the network using XTAM discovery facilities. |
| Import | Import privileged accounts to the XTAM vault from the discovery process or from other sources using the import facilities. Enter undiscovered privileged accounts into the XTAM vault. |
| Unlock | Authorize XTAM users to unlock passwords or certificates in the XTAM vault when needed. |
| Access | Authorize XTAM users to connect to managed privileged accounts without disclosing credentials when needed using the XTAM session manager. |
| Execute | Authorize XTAM users to execute privileged commands and scripts on managed information systems without disclosing credentials when needed using the XTAM job engine. |
| Monitor | Use XTAM notification facilities, audit log, history, job execution history and session history reports to monitor system activity. Stream system logs to your organization’s SIEM system for global analysis. |

Mapping XTAM Functions to the Guideline Requirements
To see how Xton Access Manager maps to the NIST 800-171 standard, please download our PDF report.