Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
Introducing the Free Campus Compliance Toolkit for NIST 800-171
By
Splunk
With the December 31st deadline for DOD research grants rapidly approaching, campuses across the country are diving into discussions around NIST 800-171 compliance. We at Splunk are committed in our mission to help higher education customers leverage the power of machine data to address challenges ranging from student retention to compliance.
For those of you who joined us in our booth at EDUCAUSE 2017, you saw how Splunk can help universities with achieving and evidencing NIST 800-171 compliance.
What is NIST 800-171?
Just because certain government data isn’t classified doesn’t mean that it should be stolen in a cyberattack. In June 2015, the National Institute of Standards & Technology released NIST 800-171 which, simply put, is a minimum standard of care required of certain government data when that data is entrusted to someone outside of the government. An increasing number of government agencies are leveraging standards like NIST 800-171 to ensure the protection of data when shared with third parties.
The Department of Defense is the first to adopt NIST 800-171 widespread with the first deadline rapidly approaching December 31st. However, many government agencies are not far behind. The Department of Education strongly recommends that universities review the NIST 800-171 controls when considering their Title IV obligation to safeguard student information. Splunk can help with achieving and evidencing certain NIST 800-171 controls. For more information on NIST 800-171, check out our whitepaper "Driving Institutional Research Excellence With NIST 800-171 Compliance."
About the Campus Compliance Toolkit for NIST 800-171
Many universities are already turning to Splunk to meet the log collection requirements specified in NIST 800-171. Yet, we are always on a quest to ensure our customers can derive the maximum value out of their data. Rather than using Splunk only to satisfy the log collection requirement, we are committed to helping customers leverage the power of machine data to meet additional requirements and simplify the compliance process. Splunk’s Higher Education team has partnered with Blackwood Associates, Inc (BAI) to develop the Campus Compliance Toolkit for NIST 800-171, which was released in December 2017. View our recorded webinar to learn more.
The Campus Compliance Toolkit for NIST 800-171 is an extensible collection of tools built for universities grappling with these compliance requirements.
The Toolkit includes pre-built dashboards and searches that can help a university get started with evidencing and/or achieving compliance for the following controls:
Control 3.1.1 |
Brief Description Limit system access to authorized users |
3.1.6 |
Use of non-privileged accounts |
3.1.7 |
Prevention of privileged functions |
3.1.8 |
Unsuccessful logon attempts |
3.1.12 |
Monitor remote access |
3.1.20 |
Use of external systems |
3.1.21 |
Portable storage |
3.3.1 |
Create protect and retain audit records |
3.3.2 |
User action audit |
3.3.3 |
Audit event reviews |
3.3.4 |
Audit failure alerts |
3.3.5 |
Audit event monitoring |
3.3.6 |
On-demand audit analysis and reporting |
3.3.7 |
Time synchronization |
3.3.8 |
Protect audit information and tools |
3.3.9 |
Limit audit management users |
3.4.6 |
Least functionality |
3.4.7 |
Nonessential functions ports protocols and services |
3.4.8 |
Default deny |
3.4.9 |
Control and monitor user installed software. |
3.5.6 |
Identifier inactivity |
3.8.7 |
Removable media |
3.11.2 |
Vulnerability scanning |
3.11.3 |
Vulnerability remediation |
3.12.3 |
Control effectiveness |
3.13.1 |
Boundary protection |
3.13.13 |
Mobile code |
3.14.1 |
Flaw handling |
3.14.3 |
Alert monitoring |
3.14.4 |
Protection updates |
3.14.5 |
File and malware scanning |
3.14.6 |
Traffic monitoring |
3.14.7 |
Unauthorized use |
The Toolkit can also help with:
Defining white and black lists for software, processes, and port usage and monitoring for deviations
Identifying and alerting on audit process failures
Proving that controls are reviewed for compliance on a regular basis
The Toolkit is extensible and allows you expand to additional controls either on your own or with the help from our services team.
Best of all, the Toolkit will be available for free to new and existing Splunk customers!
Learn More
Looking for more information, view our recorded webinar for our announcement of the app and an overview of the NIST 800-171 solution offerings.
----------------------------------------------------
Thanks!
Craig Vincent
Related Articles
About Splunk
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
