U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Security Guidelines for Storage Infrastructure: NIST SP 800-209
October 26, 2020

Storage infrastructure—along with compute (encompassing OS and host hardware) and network infrastructures—is one of the three fundamental pillars of Information Technology (IT). However, compared to its counterparts, it has received relatively limited attention when it comes to security, even though data compromise can have as much negative impact on an enterprise as security breaches in compute and network infrastructures.

In order to address this gap, NIST is releasing Special Publication (SP) 800-209, Security Guidelines for Storage Infrastructure, which includes comprehensive security recommendations for storage infrastructures. The security focus areas covered in this document not only span those that are common to the entire IT infrastructure—such as physical security, authentication and authorization, change management, configuration control, and incident response and recovery—but also those that are specific to storage infrastructure, such as data protection, isolation, restoration assurance, and data encryption.

Created October 27, 2020