Secure Your Data Center by Following NIST Standards
The National Institute of Standards and Technology (NIST) is the official measure institute for the United States. It is a non-regulatory government agency that belongs to the Department of Commerce. NIST is responsible for creating measurement standards to improve efficiency in data centers. If your choice of co-located data center follows the NIST standards, you can be rest assured that your critical business data is in safe hands.
Data center infrastructure as well as information technology and its supporting applications are covered under the NIST standards. Key features of the NIST standards are based around security. Most recently, cyber security has come under the purview of the NIST publications. For data centers hosting data for federal agency data, some of the notable publications worth implementing are as follows:
1. The Special Publication 800-53 Revision 4 deals with security and privacy controls for federal information systems and organizations, and has been recently revised in April 2013. This version introduces state of the art security and privacy controls in the areas of application security, mobile and cloud computing, supply chain security and resiliency of information systems. It provides controls for real-time monitoring of systems so as to provide the C-suite with the right data to make business critical decisions in the advent of high risk and potential disaster situations. There are also mapping tables for mapping this standard to the international security standard ISO/IEC 15408.
2. Also worth noting is the Special Publication 800-30 Rev. 1 D which covers the extensive topic of conducting risk assessments. The guide clearly defines the differences between threats, vulnerabilities, risks and uncertainties and how to evaluate their likelihood and impact. Various assessment approaches such as quantitative, qualitative or semi quantitative are described. The standards advocate creating a risk management framework with key steps such as categorization, selection, implementation, assessment, authorization and monitoring.
A data center that is NIST compliant can be safely trusted with all your mission critical business data. For further inputs and to take a guided tour around the NIST compliance standards at Lifeline Data Centers.