Best products from r/NISTControls
We found 7 comments on r/NISTControls discussing the most recommended products. We ran sentiment analysis on each of these comments to determine how redditors feel about different products. We found 5 products and ranked them based on the amount of positive reactions they received. Here are the top 20.
1. Integral 4GB Crypto Drive - FIPS 140-2 Encrypted USB
- AES 256-bit hardware encryption is superior to software encryption used by many other "high security" USBs
- The Crypto Drive has been independently tested for data encryption by the Federal Information Processing Standards (FIPS) committee and validated to FIPS 140 Level 2
- Mandatory encryption ensures a user cannot save unprotected files to the Crypto Drive, a password must be setup before use
- Crypto Drive has a zero footprint - No software installation is required before use. Works on Windows XP, Vista, 7 and 8 without administrator privileges
- Compatible with endpoint security software. The Integral Crypto operates comfortably with endpoint security solutions
Features:
2. Mic-Lock Microphone Blocker (3 Pack) – Signal Blocking Device (3.5mm) for Laptops, Smartphones, Tablets, and Desktop Computers - Data Security, Privacy Protection, Counter Surveillance Equipment
- KEEP CONVERSATIONS PRIVATE! Mic-Lock secures your device’s microphone input with proprietary semiconductor comes with a lifetime guarantee.
- PREVENTS CYBER ATTACKERS from using your microphone to listen in on you.
- THE ONLY ANTI-SPYING Mic sound blocker on the market.
- COMPACT DESIGN with keychain attachment is portable for work and travel. Use with our webcam cover for complete audio protection.
- SIMPLY PLUG into your laptop, phone or tablet and you’re ready to go!
Features:
3. System Security Plan (SSP) Template & Workbook - NIST-based: A Supplement to “Blueprint: Understanding Your Responsibilities to Meet NIST 800-171
4. DFARs NIST Security CUI Confidential Unclassified Information Compliance Permanent Waterproof Labels - (3" x 4" - 1000 pack)
Waterproof high-quality polypropylene that won't bleed or blurPermanent non-removable adhesive backingHighest-quality offset printingMade to fit most media, folders, backup tapes, boxes and moreDFARs / NIST compliance product - required for all US Government contractors
You can always go with something like this:
https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1873.pdf
>
> iStorage datAshur Secure USB Flash Drive (“iStorage datAshur” or “datAshur”) is an encrypted storage
> device that provides organizations a secure way to store and transfer data. User authentication is selfcontained
> via an on-board keypad. Stored data is secured by hardware-based 256-bit AES encryption to
> guard sensitive information in case the drive is lost or stolen.
>
> Encryption keys are not stored in memory, but rather created from a combination of random data and
> user supplied PIN each time the drive is put to use. Random data is generated from a hardware-based
> random number generator feeding the FIPS approved random number generator.
>
>
We also helped a company setup an SFTP server for deliverable transfers, the users on either side of the SFTP required 2FA and the like. This was for a company having to meet 171 requirements as well.
But you can buy USB-type devices that specifically are made to meet FIPS 140-2 requirements that would solve your problem as well.
As an example - https://www.amazon.com/Integral-4GB-Crypto-Drive-Encrypted/dp/B004MSYJX0
Do you label the USB drives or the envelope they are inside given the USB is a bit too small?
For folders, boxes for offsite storage, we can use these labels.
https://www.amazon.com/dp/B071XYYTKB?th=1
We have several hundred boxes of CUI in a file storage facility, would we need to label the ones already in storage or just those going out now?
Just bought this. Will let you know when I get it:
​
https://www.amazon.com/gp/product/198052999X/