What is CUI Controlled Unclassified Information NIST 800-171?

What is CUI Controlled Unclassified Information  NIST 800-171?

Controlled Unclassified Information (CUI) program 

Towards the end of 2017 many federal contractors or organizations receiving federal funding will find the need to be compliant with CUI, DFARS or NIST SP 800-171*.

How GTB Technologies DLP that Works platform can aid in NIST 800-171 Compliance

3.1 Access Control
NIST SP 800-171 Requirement GTB Technologies
3.1.3 Control the flow of CUI in accordance with approved authorizations.  GTBSHield
3.1.9 Provide privacy and security notices consistent with applicable CUI rules.  GTBSHield
3.2 Awareness and Training
NIST SP 800-171 Requirement GTB Technologies
3.2.1 Ensure that managers, systems administrators, and users of organizational information systems are made aware of the security risks associated with their activities and of the applicable policies, standards, and procedures related to the security of organizational information systems.  GTBSHield
3.2.2 Ensure that organizational personnel are adequately trained to carry out their assigned information security-related duties and responsibilities.  GTBSHield
3.8 Media Protection

NIST SP 800-171 Requirement

GTB Technologies

3.8.4 Mark media with necessary CUI markings and distribution limitations.  GTBSHield
3.8.7 Control the use of removable media on information system components.  GTBSHield
3.13 System and Communications Protection
NIST SP 800-171 Requirement GTB Technologies

3.13.1 Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.


3.13.4 Prevent unauthorized and unintended information transfer via shared system resources.


3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.


3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.


*The National Institute of Standards and Technology (NIST), Special Publication 800-171  (NIST SP800-171)  published in June 2015 and became a rule for the DFARS in May 2016.

Want to see something cool?

Want Easy Access to
Data Security that Works?

Secure your Sensitive Data, including from  Remote Users

Try it for Free