This article provides guidance on protecting data in transit in or out of the Amazon Web Services (AWS) environment. This blog post is for developers and manufacturers working with private-trust client or device certificates, such as those used in a software application or IoT device. The article from the FTC focuses on how a small business can put network security first by giving the employees the tools they need. This article describes best practices for data security and encryption within Microsoft’s Azure environment. This article provides a simple explanation of TLS, along with its use cases. This NIST Special Publication offers recommendations for designing, configuring, and managing SSL VPN solutions. This NIST special publication provides information on security considerations for several types of remote access solutions. NIST resource that defines requirements for configuring information systems to provide only essential capabilities such as restricting / blacklisting software. NIST resource that defines requirements for proper termination of network connections for predefined sessions time or period of inactivity. NIST resource that define requirements for proper protection of confidentiality and integrity of transmitted information. This publication describes VOIP, its security challenges, and potential countermeasures for related vulnerabilities. This NIST Special Publication offers recommendations for designing, configuring, and managing IPSec VPN solutions. This NIST Special Publication provides an understanding on integrating information security practices into service oriented architecture design and development based on Web services. This sample policy provided by SANS can be customized and used to address remote access. This SANS whitepaper discusses the use of Public Key Infrastructure (PKI) to meet business, regulatory, and compliance requirements. OPM resources that provides guides and information on security technologies used for telework. This page from The UC Berkeley Information Security Office offers basic tips to system administrators for securing Windows Remote Desktop. US-CERT resource that provides considerations and mitigations for implementing an effective remote work organization.
This document provides self-assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 1. This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 2. This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 3. The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.