I work for a company that deals with the Department of Defense and other government entities. We handle both Classified and Controlled Unclassified Information (CUI). The government has certain guidelines defined by an agency called NIST. We have found that the easiest way to comply to these standards is by separating any PC that accesses CUI from the internet. So we cannot be hacked into and have a “breach” occur. This solution is slowly becoming impossible. Our employees also need internet access for email and ordering, and on and on and on. Is there anyone out there in a similar situation? What type of solutions have you come up with? I have some ideas but admit I am a novice at this type of security. Would love to hear from anyone, any type of solution. In the post below this I will ask a question about an idea I’ve had.