NIST publishes guidance on security for information exchanges

Organizations have mission and business-based needs to exchange or share information with one or more internal or external organizations via various information exchange channels. In order to protect the confidentiality, integrity, and availability of the information commensurate with risk, the information being exchanged requires protection at the same or similar levels as it moves from one organization to another.

NIST’s publication, Managing the Security of Information Exchanges, provides guidance on identifying information exchanges; considerations for protecting exchanged information before, during, and after the exchange commensurate with risk; and sample templates of the agreements needed to manage the protection of the exchanged information.

Rather than focus on any particular type of technology-based connection or information access, this publication has been updated to define the scope of information exchange, describe the benefits of securely managing information exchange, identify types of information exchanges, discuss potential security risks associated with information exchange, and detail a four-phase methodology to securely manage information exchange between systems and organizations.

This document also recommends steps for each phase of the methodology with an emphasis on the security measures necessary to protect the shared data.

Read the full report

Related Posts

Previous Post
RavenPack: alt-data applied to sovereign bond investing
Next Post
BlackRock-backed “neo-broker” Scalable Capital expands to derivatives

Fill out this field
Fill out this field
Please enter a valid email address.

X

Reset password

Create an account