The National Institute of Standards and Technology (NIST) is looking for input on a government guide on how to handle sensitive federal information that resides in nonfederal systems and organizations.
Last fall, NIST issued recommendations for securing sensitive data on IT systems at companies that work for the government. The draft standards, released Nov. 18, are aimed at contractors and other nonfederal organizations that store controlled but unclassified information (CUI) in the course of their work.
At the time, NIST officials told FCW that nonfederal organizations must try to meet a wide range of contract clauses. “Conflicting guidance” from multiple agencies can lead to “confusion and inefficiencies” about how to handle sensitive federal information in nonfederal information systems that include contractors, state and local governments, and colleges and universities.
Keep reading this article at: http://fcw.com/articles/2015/04/07/nist-data-guidance.aspx