3.13.4 Prevent Unintended Information Transfer

3.13.4  Prevent unauthorized and unintended information transfer via shared system resources.

To go back to the NIST 800-171 Controls page, click here.

Guides

• SANS Institute – Implementing Least Privilege in a Small Business

Sample Policy & Procedures

• VITA – IT System and Communications Protection Policy
• Environmental Protection Agency – Chief Technology Officer

Example Tools

• Encryption
• Smart Cards
• Access Control Lists (ACLs)
• Advanced Intrusion Detection Environment
• Security-Enhanced Linux (SELinux)

Videos

• BrightTALK – How to Balance User Empowerment & Security Using Least Privilege

Vendor Documentation

• Coalfire – Implementing the New Windows Server 2016 Hyper-V Shielded VM Feature For ISO 27001, PCI, and FedRAMP
• Exostar Encryption & Digital Rights Management