The National Institute of Standards and Technology has released guidance that outlines a four-pronged strategy to protect the data organizations share with other parties via different channels for information exchange.
NIST said Tuesday that the “Managing the Security of Information Exchanges” guide offers sample agreement templates and recommends several measures to secure shared data.
The four phases described in the Special Publication (SP) 800-47 Revision 1, which aligns with the Office of Management and Budget Circular A-130, encompasses planning, establishing, maintaining and discounting the information exchange.
“In order to protect the confidentiality, integrity and availability of the information commensurate with risk, the information being exchanged requires protection at the same or similar levels as it moves from one organization to another,” the agency noted.
The document deviated from the technology-based information access and instead focused on imparting a redeveloped scope of information exchange and tackling the potential security risks in conducting data-sharing activity.