Anyone out there deal with NIST and Classified/Controlled Unclassified Info

By joeatheist ·
I work for a company that deals with the Department of Defense and other government entities. We handle both Classified and Controlled Unclassified Information (CUI). The government has certain guidelines defined by an agency called NIST. We have found that the easiest way to comply to these standards is by separating any PC that accesses CUI from the internet. So we cannot be hacked into and have a "breach" occur. This solution is slowly becoming impossible. Our employees also need internet access for email and ordering, and on and on and on. Is there anyone out there in a similar situation? What type of solutions have you come up with? I have some ideas but admit I am a novice at this type of security. Would love to hear from anyone, any type of solution. In the post below this I will ask a question about an idea I've had.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

One Idea - Is it practical?

by joeatheist In reply to Anyone out there deal wit ...

So I have thought about the possibility of adding a second ethernet port to each workstation one for our database server only and another for internet access. Only thing is that when the internet is active I would have to ensure somehow that the other port is automatically disabled so that no one could hack in while any of the employees are connected to the outside world. Possible? Practical? Better solution? Currently, we have two PC's at most stations one with internet access the other connected to our internal filesharing servers. However this is just not practical.

Related Discussions

Related Forums