ThreatLocker & NIST 800-171 Compliance
Introduction
NIST 800-171 is a set of requirements developed by the National Institute of Standards and Technology that companies and organizations are required to comply with to protect and safeguard Controlled Unclassified Information (CUI). Its purpose is to safeguard this information from cyber threats and unauthorized activities. The three most important cybersecurity controls outlined in NIST 800-171 are Access Control, Audit and Accountability, and System and Information Integrity.
ThreatLocker’s purpose is to provide an innovative method of cybersecurity through a Zero Trust approach. Its products work together to fulfill the three most important controls within NIST 800-171 to ensure the utmost level of cybersecurity. ThreatLocker highlights various innovative features, such as Allowlisting and Ringfencing, among others.
Access Control (AC)
Access Control is one of the most critical aspects of cybersecurity. Its function is to limit authorization and access to sensitive cyber information. ThreatLocker products prevent breaches and cybercrime through multiple features, including Application Allowlisting, which only runs applications that have been authorized. Allowlisting automatically denies all other applications, including unwanted software and malware, ensuring security and systemization. Another key feature, Ringfencing, limits software activity to minimize outside risks by controlling how applications interact with one another, ultimately blocking ransomware. Using these innovative features, ThreatLocker’s products can support companies in responsibly safeguarding their confidential information.
Audit and Accountability (AU)
Audit and Accountability focuses on tracking and logging user activities related to CUI. The function of this cybersecurity regulation is to detect unauthorized activity and respond accordingly. This demonstrates a meticulous method of identifying and addressing prohibited activities and practices. ThreatLocker products adhere to this control through extensive monitoring and unified auditing. These features also include alerting IT specialists and responding to the unauthorized activity according to the company’s custom IOCs (Indicators of Compromise). This ensures further protection and consistent accountability.
System and Information Integrity (SI)
System and Information Integrity centers on securing data and systems, while simultaneously preventing unauthorized adjustments or modifications. ThreatLocker’s products fulfill SI by denying prohibited cyber activity. These pivotal security features include real-time monitoring, allowlisting, and swift responses. For example, ThreatLocker’s Detect program is designed to detect suspicious activity and respond accordingly by alerting admins and isolating the compromised server to reduce the risk of attack.