NIST 800-171

NIST 800-171 Basics

NIST 800-171 is a National Institute of Standards and Technology (NIST) Special Publication that provides recommended requirements for protecting the confidentiality of controlled unclassified information (CUI) in nonfederal systems and organizations. It is the precursor to Cybersecurity Maturity Model Certification (CMMC) compliance regulations. CUI is any information that the federal government requires to be safeguarded but is not classified as national security information.

NIST 800-171 is based on the Federal Information Security Modernization Act (FISMA), which requires federal agencies to develop and implement information security standards and guidelines for their systems and the systems of their contractors and vendors. NIST 800-171 defines 14 security domains and 110 security controls that nonfederal entities need to implement to protect CUI from unauthorized access, disclosure, modification, or loss.

NIST 800-171 is applicable to any nonfederal system or organization that processes, stores, transmits, or protects CUI for the Department of Defense (DoD), General Services Administration (GSA), National Aeronautics and Space Administration (NASA), or any other federal agency. Compliance with NIST 800-171 is a contractual requirement for these entities, and they need to undergo an assessment by a certified third-party organization to verify their compliance.

RADICL knows what’s required to comply with NIST 800-171 in addition to many other frameworks. In fact, you’ll be well on your way to compliance the very minute you install RADICL. Up to 40% of the controls listed in NIST 800-171 are automatically and instantly met using RADICL’s Xtended Threat Protection (XTP) Platform.