NIST Issues Two Reports

Guide to Enterprise Telework, Common Configuration Scoring System The National Institute of Standards and Technology's Computer Security Division released two documents on Tuesday, a guide to enterprise telework and remote access security and a draft of proposed guidance on testing software security vulnerabilities.

According to NIST:

Special Publication 800-46 Revision 1, Guide to Enterprise Telework and Remote Access Security, is intended to help organizations understand and mitigate the risks associated with the technologies they use for telework. The guide emphasizes the importance of securing sensitive information stored on telework devices and transmitted across external networks, and it also provides recommendations for selecting, implementing, and maintaining the necessary security controls. Draft SP 800-46 Revision 1 is a comprehensive update to the original SP 800-46, which was published in 2002.

NIST Interagency Report 7502, The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities, is available for public comment. This report proposes a specification for CCSS, a set of standardized measures for the severity of software security configuration vulnerabilities. NIST IR 7502 also provides examples of how CCSS measures and scores would be determined. Once CCSS is finalized and its measures for products are available, organizations can use them to help make security decisions based on standardized, quantitative vulnerability data. Comments on the draft can be submitted to with "Comments IR 7502" in the subject line by July 17.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.