NIST Framework Compliance

The NIST Cybersecurity Framework is the most comprehensive and widely-used guide to information security today, providing recommendations that help thousands of organizations protect their systems and data. Initially developed by the National Institute of Standards and Technology in 2014, the framework defines the critical steps that any organization should follow to minimize its risk from cybersecurity threats.

For US government agencies, the NIST framework is more than just a reference. Executive Order 13800, issued in May 2017, requires all federal agencies to adopt the framework as their official standard for cybersecurity. Agency heads are responsible for developing detailed risk management plans and for keeping their agencies’ cybersecurity activities aligned with the NIST framework recommendations.

PKWARE’s Smartcrypt can help any organization secure its sensitive data and meet the NIST framework standards. Smartcrypt delivers persistent strong encryption and intelligent data discovery, ensuring that only authorized users can access data, even when it is shared outside an organization’s network. PKWARE’s smart encryption solution is officially designated as an anti-terrorism and cybersecurity technology by the US Department of Homeland Security, and is currently in use by more than 200 government entities.

Persistent data security and more

Unlike other encryption solutions, Smartcrypt encrypts data the moment it is created or saved. Once Smartcrypt encryption is applied, it stays with the data everywhere it is used, shared, or stored. This persistent protection ensures that data remains secure even when it is transmitted from the mainframe to user devices, web servers, or other external destinations.

PKWARE’s innovative Smartkey technology automatically generates, synchronizes, and exchanges encryption keys according to your organization’s security policies, making the process automatic for end users. Smartkeys can be managed using Smartcrypt’s administrationr console and can be stored on third-party dedicated key management appliances.

Protect data and meet NIST Standards

Smartcrypt provides strong, FIPS 140-2 compliant encryption, along with innovative data discovery functionality that identifies and protects data on user devices and network storage. Organizations can use Smartcrypt to meet many of the standards contained in the NIST framework.

NIST Framework Subcategory Standard
ID.RA-1 Asset vulnerabilities are identified and documented
PR.DS-1 Data-at-rest is protected
PR.DS-2 Data-in-transit is protected
PR.DS-5 Protections against data leaks are implemented
PR.PT-1 Audit/log records are determined, documented, implemented, and reviewed in accordance with policy

Implementing Smartcrypt

Smartcrypt is designed for maximum flexibility, allowing organizations to implement solutions that meet their unique data protection requirements.

The Smartcrypt client application is installed on each device that will be used to access or store sensitive information. The application can be used to encrypt files, email messages, structured data, and other forms of data on any enterprise operating system. The web-based Smartcrypt management console lets administrators create and apply encryption policies across the entire organization. In addition, the Smartcrypt software development kit lets organizations build strong encryption into their proprietary applications with only a few new lines of code.

Unlike solutions that increase file sizes after encryption, Smartcrypt uses PKWARE’s industry-best compression technology to reduce data volumes before encryption, resulting in lower costs for data storage and transmission.