NIST SP 800‑171: Safeguarding Controlled Unclassified Information (CUI)
Secure handling of sensitive program data for DoD and OEM customers.
NIST SP 800‑171 defines cybersecurity practices for non‑federal organizations that process, store, or transmit Controlled Unclassified Information (CUI). Ci‑Dell implements policies, procedures, and technical controls aligned to NIST 800‑171 so that sensitive drawings, models, and contractual data are protected throughout the manufacturing lifecycle.
Key practices we apply:
- Access control and need‑to‑know restrictions for project data.
- Multi‑factor authentication and role‑based access for internal systems handling CUI.
- Secure, approved methods for file transfer and data exchange.
- Configuration/change management and patching disciplines on covered systems.
- Incident response procedures and user awareness training.
- Audit logging and retention aligned to program requirements.
Working with us on CUI‑covered programs:
- Clear instructions for submitting and marking CUI; NDA and flow‑down compliance.
- Project‑level data handling plans available on request (under NDA).
- Separation of customer data from non‑program information and controlled distribution on the shop floor.
- Support for customer cybersecurity questionnaires and supplier assessments.
Certification Details
- NIST 800‑171 compliance overview or attestation letter.
- Approved secure file‑transfer options and points of contact.
- Data handling plan template tailored to your program.