DOD prime contractors and sub-contractors must demonstrate compliance with NIST SP 800-171 based on DFARS Clause 252.204-7012 starting Jan 01, 2018. DFARS requires that contractors implement NIST SP 800-171 to protect systems and networks that process, store, or transmit “covered defense information”. Small businesses, manufacturers, construction and engineering services providers must consider implementing compliant solutions that include documentation including a System Security Plan (SSP), Plan of Actions & Milestones (POA&M) and a IT Contingency Plan (ITCP). Leveraging FedRAMP and DOD accredited cloud platforms like the AWS GovCloud can help accelerate compliance and reduce costs. Our FREE eBook provides hands-on strategies for compliance with DFARS 252.204-7012.
The Free eBook has six information filled chapters with practical tips and strategies to accelerate compliance goals and reduce costs using the FedRAMP and DOD accredited AWS GovCloud service. The chapters in the eBook include:
Chapter 1: Introduction to DFARS and NIST SP 800-171
Chapter 2: Understanding DFARS and NIST SP 800-171 Requirements
Chapter 3: Strategies for meeting DFARS and NIST SP 800-171 Mandate
Chapter 4: Accelerating compliance with NIST SP 800-171 with AWS
Chapter 5: Implementation strategies using AWS East/West or GovCloud
Chapter 6: Reducing cost of compliance with AWS, Marketplace & Service Catalog
The content is written in an easy to read style minimizing the use of complex jargon with plenty of useful tips and techniques. Chapter 3 as an example provides information on available compliance options and considerations to assist with making the right business and compliance decision. FedRAMP accredited cloud services at the moderate level (based on FIPS 199) or commensurate DOD IL-4 levels are viable options and allow organizations to inherit and leverage existing controls thereby reducing costs. Amazon Web Services (AWS) East/West and GovCloud regions are readily available hosting options. Organizations looking to meet DFARS and NIST SP 800-171 requirements must consider time to compliance, financial investment and complexity of the systems involved. Given that the deadline for implementation was December 31, 2017, time to compliance is critical. You can download the Free eBook from our resources section or visit our Government Cloud Solutions page; or you can click on this link.
Here are some other helpful resources related to NIST SP 800-171 and DFARS compliance