SECURITY

Introducing the Free Campus Compliance Toolkit for NIST 800-171

With the December 31st deadline for DOD research grants rapidly approaching, campuses across the country are diving into discussions around NIST 800-171 compliance. We at Splunk are committed in our mission to help higher education customers leverage the power of machine data to address challenges ranging from student retention to compliance.

For those of you who joined us in our booth at EDUCAUSE 2017, you saw how Splunk can help universities with achieving and evidencing NIST 800-171 compliance.  

What is NIST 800-171?

Just because certain government data isn’t classified doesn’t mean that it should be stolen in a cyberattack. In June 2015, the National Institute of Standards & Technology released NIST 800-171 which, simply put, is a minimum standard of care required of certain government data when that data is entrusted to someone outside of the government. An increasing number of government agencies are leveraging standards like NIST 800-171 to ensure the protection of data when shared with third parties.

The Department of Defense is the first to adopt NIST 800-171 widespread with the first deadline rapidly approaching December 31st. However, many government agencies are not far behind. The Department of Education strongly recommends that universities review the NIST 800-171 controls when considering their Title IV obligation to safeguard student information. Splunk can help with achieving and evidencing certain NIST 800-171 controls. For more information on NIST 800-171, check out our whitepaper "Driving Institutional Research Excellence With NIST 800-171 Compliance."

About the Campus Compliance Toolkit for NIST 800-171

Many universities are already turning to Splunk to meet the log collection requirements specified in NIST 800-171. Yet, we are always on a quest to ensure our customers can derive the maximum value out of their data. Rather than using Splunk only to satisfy the log collection requirement, we are committed to helping customers leverage the power of machine data to meet additional requirements and simplify the compliance process. Splunk’s Higher Education team has partnered with Blackwood Associates, Inc (BAI) to develop the Campus Compliance Toolkit for NIST 800-171, which was released in December 2017. View our recorded webinar to learn more.

The Campus Compliance Toolkit for NIST 800-171 is an extensible collection of tools built for universities grappling with these compliance requirements.

The Toolkit includes pre-built dashboards and searches that can help a university get started with evidencing and/or achieving compliance for the following controls:

Control

3.1.1

Brief Description

Limit system access to authorized users

3.1.6

Use of non-privileged accounts

3.1.7

Prevention of privileged functions

3.1.8

Unsuccessful logon attempts

3.1.12

Monitor remote access

3.1.20

Use of external systems

3.1.21

Portable storage

3.3.1

Create protect and retain audit records

3.3.2

User action audit

3.3.3

Audit event reviews

3.3.4

Audit failure alerts

3.3.5

Audit event monitoring

3.3.6

On-demand audit analysis and reporting

3.3.7

Time synchronization

3.3.8

Protect audit information and tools

3.3.9

Limit audit management users

3.4.6

Least functionality

3.4.7

Nonessential functions ports protocols and services

3.4.8

Default deny

3.4.9

Control and monitor user installed software.

3.5.6

Identifier inactivity

3.8.7

Removable media

3.11.2

Vulnerability scanning

3.11.3

Vulnerability remediation

3.12.3

Control effectiveness

3.13.1

Boundary protection

3.13.13

Mobile code

3.14.1

Flaw handling

3.14.3

Alert monitoring

3.14.4

Protection updates

3.14.5

File and malware scanning

3.14.6

Traffic monitoring

3.14.7

Unauthorized use

 

The Toolkit can also help with:

  • Defining white and black lists for software, processes, and port usage and monitoring for deviations

  • Identifying and alerting on audit process failures

  • Proving that controls are reviewed for compliance on a regular basis

The Toolkit is extensible and allows you expand to additional controls either on your own or with the help from our services team.

Best of all, the Toolkit will be available for free to new and existing Splunk customers!

Learn More

Looking for more information, view our recorded webinar for our announcement of the app and an overview of the NIST 800-171 solution offerings.

Craig Vincent
Posted by

Craig Vincent

Craig Vincent is the Lead Technologist for State & Local Government, Education, and Academic Healthcare markets at Splunk. Craig serves as a trusted advisor to IT leaders and organizations who are looking to keep up with the breakneck pace of innovation.  From his years as a technologist and an advisor, Craig knows how to leverage the latest technological innovations and properly apply them to business and organizational challenges. As Lead Technologist, Craig is responsible for devising Splunk SLED solution strategy and aligning business functions around a technical vision. Prior to joining Splunk in 2015, Craig held roles at Mandiant and the Internet & Television Association. A proud Blue Devil, Craig holds a B.S.E in Computer Engineering and a Master of Engineering Management both from Duke University.

Join the Discussion