What is the NIST 800-171?

The NIST 800-171 is a security framework published by the National Institute for Standards and Technology to standardize how federal agencies define controlled unclassified information (CUI). The purpose of the guidelines is to “ensure that sensitive federal information remains confidential when stored in nonfederal information systems and organizations.” 

Why is the NIST 800-171 important? 

There are fewer controls to protect CUI when compared to classified information which would make CUI the path of least resistance for adversaries looking to gain control over sensitive data. With other 1 million contracts in the NISP aline with the DFARs Clause 252.204-7012 and 3 million with CUI in the cleared industrial base overall, the loss of CUI poses one of the most significant risks to national security and must be protected. 

Who does the NIST 800-171 apply to? 

• Contractors for Department of Defense (DoD)
• Contractors for General Services Administration (GSA) 
• Contractors for National Aeronautics and Space Administration (NASA)
• Universities and research institutions supported by federal grants
• Consulting companies with federal contracts 
• Service providers for federal agencies 
• Manufacturing companies supplying goods to federal agencies 

Download this PDF to learn more about NIST 800-171 and how Clarabyte protects CUI.