This is the last (thank goodness) of a fourteen piece blog series intended to describe how Ascolta Greenfield environments achieve National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Revision 1, Protecting Controlled Unclassified Information in Non-federal Systems, compliance. This entry covers the controls contained in the System and Information Integrity Policy and Procedures family.
What is it?
Integrity is defined as guarding against improper information modification or destruction and includes ensuring information non-repudiation and authenticity. It is the assertion that data can only be accessed or modified by the authorized employees. System and information integrity provides assurance that the information being accessed has not been meddled with or damaged by an error in the system. Examples of system and information integrity requirements include: flaw remediation, malicious code protection, security function verification, information input validation, error handling, non-persistence, and memory protection.
- Identify, report, and correct information and system flaws in a timely manner,
- Provide protection from malicious code at appropriate locations within company systems, and
- Monitor system security alerts and advisories and respond appropriately.
How does Greenfield solve it?
The Greenfield System identifies, reports, and corrects information system flaws and tests software updates related to flaw remediation for effectiveness and potential side effects before installation. We install security-relevant software updates within 48 hours of the release of the updates; and incorporate flaw remediation into the organizational configuration management process.
The Greenfield System employs malicious code protection mechanisms at Greenfield System entry and exit points to detect and eradicate malicious code. We configure malicious code protection mechanisms based on the Client’s existing Incident Response Plan.
The Greenfield Support Team receives information system security alerts, advisories, and directives from over fifteen reputable security organizations on an ongoing basis and generate internal security alerts, advisories, and directives that relate to the Greenfield System. We update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.
The Greenfield System performs scans as files are downloaded, opened, or executed and continuously scans the operating system for anomalies. We monitor all Greenfield instances to detect:
- Attacks and indicators of potential attacks in accordance with monitoring objectives established by the Greenfield Support Team; and
- Unauthorized local, network, and remote connections.
Finally, Greenfield deploys monitoring devices strategically within the information system to collect organization-determined essential information; and at all endpoints within the system to track specific types of transactions of interest to the organization.