This section is intended to help organizations ensure confidentiality and integrity of data in transit. Implementation Assessment Amazon – How to protect data in transit This article provides guidance on protecting data in transit in or out of the Amazon Web Services (AWS) environment. BrightTalk – Insights: Methodology for Cloud Certificate Lifecycle Management This video by Entrust discuss certificate and credential lifecycle management within the cloud. BrightTALK – Reducing Risk Through Effective Certificate Management This webcast covers some common risks found in an SSL environment and how to resolve them. Federal Trade Commission – Cybersecurity for Small Business: Secure Remote Access The article from the FTC focuses on how a small business can put network security first by giving the employees the tools they need. Microsoft Docs- Azure Data Security and Encryption Best Practices This article describes best practices for data security and encryption within Microsoft’s Azure environment. NetworkWorld – Transport Layer Security (TLS) This article provides a simple explanation of TLS, along with its use cases. NIST SP 800-113 Guide to SSL VPNs This NIST Special Publication offers recommendations for designing, configuring, and managing SSL VPN solutions. NIST SP 800-46 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security This NIST special publication provides information on security considerations for several types of remote access solutions. NIST SP 800-53: CM-7 Least Functionality NIST resource that defines requirements for configuring information systems to provide only essential capabilities such as restricting / blacklisting software. NIST SP 800-53: SC-10 Network Disconnect NIST resource that defines requirements for proper termination of network connections for predefined sessions time or period of inactivity. NIST SP 800-53: SC-8 Transmission Confidentiality and Integrity NIST resource that define requirements for proper protection of confidentiality and integrity of transmitted information. NIST SP 800-58 Security Considerations for Voice Over IP Systems This publication describes VOIP, its security challenges, and potential countermeasures for related vulnerabilities. NIST SP 800-77 Guide to IPSec VPNs This NIST Special Publication offers recommendations for designing, configuring, and managing IPSec VPN solutions. NIST SP 800-95 Guide to Secure Web Services This NIST Special Publication provides an understanding on integrating information security practices into service oriented architecture design and development based on Web services. SANS – Remote Access Policy This sample policy provided by SANS can be customized and used to address remote access. SANS Whitepaper – Building and Managing a PKI Solution This SANS whitepaper discusses the use of Public Key Infrastructure (PKI) to meet business, regulatory, and compliance requirements. U.S. Office of Personnel Management – Telework Guidance OPM resources that provides guides and information on security technologies used for telework. University of California Berkeley – Securing Remote Desktop (RDP) for System Administrators This page from The UC Berkeley Information Security Office offers basic tips to system administrators for securing Windows Remote Desktop. US-CERT – Enterprise VPN Security US-CERT resource that provides considerations and mitigations for implementing an effective remote work organization. NIST Handbook 162 NIST MEP Cybersecurity Self-Assessment Handbook For Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements This Handbook provides a step-by-step guide to assessing a small manufacturer’s information systems against the security requirements in NIST SP 800-171 rev 1. NIST SP 800-171A Assessing Security Requirements for Controlled Unclassified Information The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.