Skip links

Implementing the NIST 800-171 Framework & Certified Cyber Protection

How the US Public Sector Manages & Reduces Risk: Implementing the NIST 800-171 Framework & Certified Cyber Protection

Lately, there’s been a lot of talk about the National Institute of Standards and Technology (NIST) Cybersecurity Framework in the media. What does it entail, and why is this important to the US public sector? According to NIST, the framework is a “voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders.”

With the US public sector being a top target of cyberattacks, the NIST Cybersecurity Framework is increasingly important to adopt. The increase in remote workers and laptops leaving the safety of agency firewalls, the move to the cloud, and protecting sensitive environments all require adopting the framework.

NIST organizes the framework into five areas or functions:

  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover

Source: NIST.gov

Once armed with the right information, you are positioned to better manage and reduce your organization’s cybersecurity risk.

Security Assessment Metrics

It is essential to conduct a security assessment to evaluate every possible attack vector that could be exploited in a data breach. For example, anti-malware, backup, firewall, VPN, disk encryption, and NTLM traffic. Acronis SCS uses a score for each metric awarded based on how important they are to protect a machine against cyberattacks. The scores of all metrics are then combined to form the overall #CyberFit Score.

Anti-malware Protection: Systems must detect anomalies and events leading to security breaches. A 360-degree anti-malware solution is critical in detecting malicious software and protecting your systems and applications from cyberthreats.

Backup: Regular backups of your system are a key to avoiding data availability issues such as data corruption and disk failure. It can also mitigate threats such as ransomware. We recommend establishing a frequent backup schedule—daily or weekly. You determine the schedule based on an assessment of how much data you are willing to lose.

Firewall: Whenever security requirements among internal networks and systems vary, or internal systems connect with external ones, control traffic through a firewall. Where to place the firewall depends heavily on the network architecture.

Virtual Private Network (VPN): When working remotely – at home, in a café, etc. – it’s critical that communications and access to systems are secure. A VPN can provide secure communications when information, especially sensitive data, is transmitted between networks.

Disk Encryption: Encryption is crucial to ensuring your data and assets are secure and private. If your endpoint or computer is lost, if the hard drive is encrypted, its data remains safe from any external parties who try to gain access.

NT LAN Manager (NTLM) traffic: Enabling outgoing NTLM traffic to remote servers can expose to an attacker. One way to prevent such attacks is to deny the setting “Outgoing NTLM traffic to remote servers” in your network security configurations.

Our Managed Service Provider (MSP) partner will run a #CyberFit Score tool that compares the security configurations of your endpoint and IT environment against the industry’s best standards, like the NIST Cybersecurity Framework. The scoring framework used is similar to industry standards for security and risk-scoring solutions and US credit ratings, making it simple to show each metric and easily understood.

Improve Your Security Posture

You’ll receive a remediation report from our MSP with recommendations for improving the security posture of your machines, which can be shared with your team. This information will allow you to mitigate security risks and keep endpoints safe from cyberattacks based on informed, actionable recommendations.

The #CyberFit Score is available as part of our certified cyber protection solution—Acronis SCS Cyber Protect Cloud—it integrates cybersecurity, data protection and management to protect endpoints, systems, and data. Our product provides:

Certified & Compliant Protection: It is built upon the NIST 800-171 framework, utilizes FIPS 140-2 encryption, and is HIPAA and CJIS compliant – which helps customers adhere to CMMC obligations.

Encrypted Data & Off-Site Storage: Since the solution is NIST 800-171 compliant, FSIs and defense contractors can store Controlled Unclassified Information (CUI) data as required by CMMC.

Backup Encryption: Regulatory compliance is maintained and data protection strengthened by securing backups with FIPS 140-2 validated AES-256 data encryption for data in transit and at rest

Immutable Storage: Customers configure retention plans that indicate the number of days deleted data should be retained, enabling easy recovery of deleted backups via the management console.

Support Based in the US: At Acronis SCS, we pride ourselves on providing industry-leading, fast, and reliable support you can trust. Our support team members are US persons based in Scottsdale, Arizona. No matter the fix, you maintain complete control over your systems and data – we will never remote in or pass data to third parties.

Dedicated US Data Centers: When leveraging Acronis SCS data centers, your data is fully protected and housed on US soil. Not only does the federal government mandate their data never leave the US, but many public sector agencies request it, too. We secure encrypted backups in a SOC 2, HIPAA, ISO 27001, and FISMA compliant data center in Arizona. The region is historically free of natural disasters and maintains multiple layers of availability redundancy.

Are you ready to get #CyberFit?

Contact us today, and one of our MSPs will be happy to run a #CyberFit Score for your organization. Then together, determine the best course of action, including implementing a cybersecurity solution.

I Want to Get #CyberFit