Introducing the Free Campus Compliance Toolkit for NIST 800-171

With the December 31st deadline for DOD research grants rapidly approaching, campuses across the country are diving into discussions around NIST 800-171 compliance. We at Splunk are committed in our mission to help higher education customers leverage the power of machine data to address challenges ranging from student retention to compliance.

For those of you who joined us in our booth at EDUCAUSE 2017, you saw how Splunk can help universities with achieving and evidencing NIST 800-171 compliance.  

What is NIST 800-171?

Just because certain government data isn’t classified doesn’t mean that it should be stolen in a cyberattack. In June 2015, the National Institute of Standards & Technology released NIST 800-171 which, simply put, is a minimum standard of care required of certain government data when that data is entrusted to someone outside of the government. An increasing number of government agencies are leveraging standards like NIST 800-171 to ensure the protection of data when shared with third parties.

The Department of Defense is the first to adopt NIST 800-171 widespread with the first deadline rapidly approaching December 31st. However, many government agencies are not far behind. The Department of Education strongly recommends that universities review the NIST 800-171 controls when considering their Title IV obligation to safeguard student information. Splunk can help with achieving and evidencing certain NIST 800-171 controls. For more information on NIST 800-171, check out our whitepaper "Driving Institutional Research Excellence With NIST 800-171 Compliance."

About the Campus Compliance Toolkit for NIST 800-171

Many universities are already turning to Splunk to meet the log collection requirements specified in NIST 800-171. Yet, we are always on a quest to ensure our customers can derive the maximum value out of their data. Rather than using Splunk only to satisfy the log collection requirement, we are committed to helping customers leverage the power of machine data to meet additional requirements and simplify the compliance process. Splunk’s Higher Education team has partnered with Blackwood Associates, Inc (BAI) to develop the Campus Compliance Toolkit for NIST 800-171, which was released in December 2017. View our recorded webinar to learn more.

The Campus Compliance Toolkit for NIST 800-171 is an extensible collection of tools built for universities grappling with these compliance requirements.

The Toolkit includes pre-built dashboards and searches that can help a university get started with evidencing and/or achieving compliance for the following controls:



Brief Description

Limit system access to authorized users


Use of non-privileged accounts


Prevention of privileged functions


Unsuccessful logon attempts


Monitor remote access


Use of external systems


Portable storage


Create protect and retain audit records


User action audit


Audit event reviews


Audit failure alerts


Audit event monitoring


On-demand audit analysis and reporting


Time synchronization


Protect audit information and tools


Limit audit management users


Least functionality


Nonessential functions ports protocols and services


Default deny


Control and monitor user installed software.


Identifier inactivity


Removable media


Vulnerability scanning


Vulnerability remediation


Control effectiveness


Boundary protection


Mobile code


Flaw handling


Alert monitoring


Protection updates


File and malware scanning


Traffic monitoring


Unauthorized use


The Toolkit can also help with:

  • Defining white and black lists for software, processes, and port usage and monitoring for deviations

  • Identifying and alerting on audit process failures

  • Proving that controls are reviewed for compliance on a regular basis

The Toolkit is extensible and allows you expand to additional controls either on your own or with the help from our services team.

Best of all, the Toolkit will be available for free to new and existing Splunk customers!

Learn More

Looking for more information, view our recorded webinar for our announcement of the app and an overview of the NIST 800-171 solution offerings.

Craig Vincent
Posted by

Craig Vincent

Craig Vincent is Sr. Manager of the Global Customer Journey Team at Splunk. He leads a multi-functional team working on exciting new projects to improve customer experiences. Craig is passionate about new technology. From his years as a technologist and an advisor, Craig has expertise in matching the latest business challenges with technological solutions for businesses and individuals. Prior to joining Splunk in 2015, Craig held roles at Mandiant and the Internet & Television Association.  In 2020, Craig was recognized at the Black Engineer of the Year Awards as a Modern Technology Leader. A proud Blue Devil, Craig holds a B.S.E in Computer Engineering and a Master of Engineering Management both from Duke University and a Professional Certificate in Artificial Intelligence & Machine Learning from the Massachusetts Institute of Technology.

Join the Discussion