In an ongoing commitment to protecting our clients through every step of the design and development process, MJS Designs is pleased to announce that we have achieved a perfect score on the NIST SP 800-171 compliance requirement.

“We pride ourselves on meeting industry standards for protecting our client data and designs,” said Dawn Northrop, president of MJS Designs. “The results of our NIST compliance show our commitment to cybersecurity and protecting our IT environment, which ensures our customers data is guarded.”

The assessment outlines all required security standards and industry standard practices for any non-federal organizations (i.e. contractors and suppliers) that handle controlled unclassified information (CUI) on their systems and networks for the Department of Defense, General Services Administration, and NASA.

At the moment, there is no official audit for the NIST SP 800-171. With the help of a third-party expert and a knowledgeable IT team, MJS Designs completed each labor-intensive requirement of the assessment, self-attesting to the compliance of each rigorous industry standard covered.

The first version of the assessment was released in June 2015 by the National Institute of Standards and Technology (NIST) and has received regular updates to meet growing cybersecurity standards and needs, with revision two being released in February 2020.

The NIST SP 800-171 assessment contains 110 security requirements organized into 14 groups. A perfect score means each control listed in the assessment has been completely implemented to meet rigorous confidentiality, safety and security standards and statements have been included in the Security Assessment Report and System Security Plan that explain how the requirement has been satisfied.

  • Access Control – to ensure only authorized users can access a system.
  • Awareness and Training – to ensure system administrators and users are aware of risks and procedures.
  • Audit and Accountability – to focus on the recording, storage, auditing and analyzing of system and event logs.
  • Configuration Management – to address the setup and configuration of hardware, software and devices on company systems and networks.
  • Identification and Authentication – to ensure only authenticated users can access systems and networks.
  • Incident Response – to address the company’s ability to respond to a cybersecurity threat or incident.
  • Maintenance – to ensure best practices are used in system and network maintenance.
  • Media Protection – to guide the company through best practices for storing or destroying sensitive media and information.
  • Personnel Security – to safeguard CUI in relation to personnel and employees through security screenings and strict badge and hardware return policies upon termination.
  • Physical Protection – to control physical access to CUI by personnel and visitors.
  • Risk Assessment – to guide the company in regular risk assessments and scans for vulnerabilities to continue increasing the security of confidential information.
  • Security Assessment – to address development, monitoring and renewal of the system controls and security plans a company has in place.
  • System and Communications Protection – to lay the groundwork for monitoring and safeguarding systems, monitoring network communication traffic and prevention of unauthorized information transfers.
  • System and Information – to handle ongoing monitoring and protection of systems within the company.

Completion of the NIST SP 800-171 assessment is a current industry requirement and a pre-cursor requirement for the multi-year, multi-phase rollout of the Cybersecurity Maturity Model Certification (CMMC). MJS Designs is pursuing Level 2 CMMC.and the pre-assessment audit is planned for February 2022.

MJS Designs provides services including printed circuit board design, system builds, test solutions and more. We have a long-standing reputation for exceptional security and privacy protocols that protect clients and projects through every step of the process. Learn more about the company wide certifications and qualifications we adhere to in order to always meet and exceed rigorous industry standards by visiting mjsdesigns.com/leadership-and-credentials.