I work for a very small company (12 people maybe) that is sub on a small fed contract and is currently strapped for cash after the ending of another contract about 6 months back. Despite having no experience with this, my company has assigned me to develop the System Security Plan (SSP) and implement a system that is NIST 800-171 compliant for handling CUI. While we don't need to handle ITAR or need CMMC cert, that may be helpful to open doors in the future and I thought the solution provided here in very limited detail seemed ideal since it leaves out personal equipment: https://www.ktlsolutions.com/cloud-based-solutions-for-meeting-cmmc-requirements/ . Unfortunately, we cannot afford the consulting fee for help with this, and, additionally, if I know what I'm doing, I imagine this just takes a few clicks and config settings in Azure Government to implement. I have an Azure Government trial account. My question is two fold: for one, is there any reason to think that me with some Azure Commercial experience won't be able to set this up myself and, 2, where do I begin? Are there any guides available? I have done ten thousand Google searches of various things in the past week and it feels like the only way I can find answers is to pay a huge consulting fee. Any help would be greatly appreciated.
How to set up a NIST 800-171 compliant environment for CUI
398 views Asked by Tamer Rifai At
1
There are 1 answers
Related Questions in AZURE-GOV
- Azure Cross Cloud Auth using AAD
- Azure File Share, auth. via Azure AD Kerberos for hybrid identities over SMB
- Graph API - how to list site drives in GCC High Environment?
- Azure ACS endpoint for US gov cloud
- AADSTS65002: Consent between first party application error with Visual Studio 2022 / Azure Government
- GET and POST Function App Function/Host Keys Using Python (Azure Government)
- Azure Python SDK - connecting to USGov with CLI Credentials fails?
- Are there any guidelines for making mobile applications Azure Govt Cloud compliant?
- How to set up a NIST 800-171 compliant environment for CUI
- Microsoft Graph List places API support for US National cloud
- Azure Managed Identity and Terraform not working in AzureUSGoverment
- Azure python sdk authentication with cert hangs
- Error when a Government cloud user is accessing web app hosted in commercial cloud
- Service Fabric .NET Framework services and ApplicationInsights.config endpoints for Azure gov
- Pulling docker images from gov cloud when we are working in commercial cloud in Azure and vice-versa
Related Questions in NIST
- What abilities should I concentrate on while bug hunting, and how can I improve the quality of my bug bounty reports?
- Submitting NVD API CVE Search by cpeName with special characters
- NLTK's sentence_nist() returns ZeroDivisionError when the hypothesis & reference are the same
- Openssl command to generate NIST key pair for ECDSA P384 curve
- Bulk CVE requests to NIST json APIs
- How to implement FAL3 requirements in Azure AD?
- ECDSA Signature Verification fails using openssl
- Valgrind Memory error detection on just call to Py_Initialize() and nothing else
- How do I install WFDS (Wildfire Dynamic Simulator) when openmpi library "is not loaded"?
- Requesting to validate the NIST equation provided
- BCrypt DRBG Compatibility with NIST SP 800-90A R1
- Append to a JSON file using requests.get
- How to get CPE from package?
- Input File Format for NIST Test for Randomness
- (ECDSA-BouncyCastle)Cryptographic Algorithm Validation Program(CAVP) Testing: Digital Signatures
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
You'll want to look at Azure Blueprints. Azure Blueprints provides a set of Azure Policies that will ensure that your subscription meets the NIST 800-171 guidance. See this article for more info on the NIST 800-171 blueprint: https://learn.microsoft.com/en-us/azure/governance/blueprints/samples/nist-sp-800-171-r2