Case Study

NIST 800 – 171 3.1.13
Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.

What this control is looking for is something that is FIPS Validated or compliant to be used to be wrapped around remote access. FIPS is described here. What this essentially means is that your encryption needs to be one of the kinds listed here. If your technology has encryption that allows remote access then it needs to be FIPS compliant. If your encryption is on this list you are good, if not you need to possibly add that functionality to your equipment or replace that equipment. This mainly is relevant to your WIFI and your VPN. So be aware that you use encryption to encapsulate these connections and they need to be FIPS compliant.

Subscribe to our Podcast