AWS Public Sector Blog

Get Your University Ready for NIST 800-171

The deadline to implement National Institute of Standards and Technology (NIST) Special Publication 800-171 is fast approaching. Beginning in January 2018, you may miss out on government funding that stipulates its implementation if you have not taken action.

In 2015, NIST published Special Publication (SP) 800-171 – Protecting Controlled Unclassified Information in Non-federal Information Systems and Organizations – introducing the standards for non-federal entities, such as academic institutions working under a government contract. NIST 800-171 was meant to take the security controls from a larger NIST publication, NIST 800-53, and assist non-federal agencies to apply controlled unclassified information (CUI) controls to their environments. When NIST 800-171 was published, it specified a grace period that ends on December 31, 2017. Therefore, compliance with the framework is mandatory beginning in 2018.

Many universities are turning to AWS to leverage the robust controls in place to maintain security and data protection in the cloud and be compliant with NIST 800-171 rather than overhauling their existing environment or data center facilities. For example, as Purdue University mentions in a recent article published on Educause, AWS allowed them to create a separate domain for controlled research without negatively impacting their existing facilities.

AWS makes compliance easy by providing free NIST 800 Quick Starts. The Quick Start is a reference deployment guide that discusses architectural considerations and steps for deploying NIST 800-53 and 800-171 on the AWS Cloud. In addition, the Quick Starts include an AWS CloudFormation template that automates the heavy lifting required to deploy the reference architecture. Also, the Quick Starts include a security controls matrix, which maps the architecture components to the requirements specified in NIST 800-53 and NIST 800-171.

To get started, view the Quick Start guide in HTML or PDF. To launch the Quick Start, either click on the following link in your browser, or from the AWS console, paste the following URL  into the CloudFormation console in US-East-1 as shown below:


If you need assistance with an enterprise implementation of the capabilities introduced through this Quick Start, AWS Professional Services offers an Enterprise Accelerator – Compliance service to guide and assist with the training, customization, and implementation of deployment and maintenance processes.

Please contact your AWS Account Manager for further information, or send an inquiry to: