Posts tagged NIST

cloud computing, Guidelines, NIST, security measures

Third in our Cloud Computing Webinar Series

By InfoLawGroup LLP on May 20, 2011

In the next in our series of free webinars on cloud computing, Information Law Group Attorney Richard Santalesa examines implications arising from NIST's "Guidelines on Security and Privacy in Public Cloud Computing," with a focus on the legal considerations any team tasked with implementation of security best practices will need to grapple with.To register for this free one hour webinar on May 24 at 12pm ET, visit - http://bit.ly/kyRdku

AICPA, best practices, BITS, cloud computing, COBIT, contracts, FIPS, information security, ISO 27001, ISO 27002, NIST, outsourcing, PCI DSS, SAS 70, SP 800-53, standards

Information Security Standards and Certifications in Contracting

By W. Scott Blackmer on May 26, 2010

It often makes sense to refer to an information security management framework or standard in an outsourcing contract, but this is usually not very meaningful unless the customer also understands what particular security measures the vendor will apply to protect the customer's data.

256-bit key, AES, assymetric cryptography, data at rest, DES, file encryption, FIPS 197, FIPS 200, hardward-based encryption, mobile encryption, NIST, NIST 800-53, OMB, OMB M-07-16, PKI, RSA Security, software disk encryption

Code or Clear? Encryption Requirements (Part 4)

By W. Scott Blackmer on October 04, 2009

In other posts, I talked about the trend toward more prescriptive encryption requirements in laws and regulations governing certain categories of personal data and other protected information. Here's an overview of the standards and related products available for safe (and legally defensible) handling of protected data.