The research setting poses distinctive information security risks and challenges.
The Noles Environment for Secure Technology (NEST) environment was designed to protect research data in accordance with national standards and university policies. This environment incorporates data security best practices to provide a safe space for the storage and sharing of data, letting university researchers focus on their work without having to worry about data controls and settings.
What is the Purpose of NEST?
NEST exists to protect controlled, unclassified information (CUI) at Florida State University, ensuring FSU remains a trusted custodian in the security of confidential and sensitive information.
Why is NEST Needed?
NEST is designed to meet all National Institute of Standards and Technology (NIST) 800-171 technical and procedural controls and aligns with the university's information security and privacy policies. Non-compliance with NIST 800-171 has serious consequences for FSU, including the termination of existing contracts, prevention of future grants and potential litigation.
Security Incident Response Procedure
Despite the controls, it is imperative to know how to react if data is mishandled.
In the event of a security incident, the incident must be reported to the appropriate federal agency or prime contractor within 72 hours of discovery. If you suspect a security incident has occurred, please contact the ITS Service Desk.
The National Institute of Standards and Technology provides a framework for organizations to protect networks and data to reduce their cybersecurity risk. Below are several NIST standards that relate to research data.
NIST Standard 800-53
Security and Privacy Controls for Federal Information Systems and Organizations
NIST Standard 800-171
Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations
Request a Consultation
ITS offers research compliance consultations to assist researchers as they ensure university research meets proper regulatory and contractual restraints related to cybersecurity.
Information Security Policy
Review the minimum standards and best practices for the security of data and IT resources at FSU
Review the minimum standards and best practices for the privacy of data and IT resources at FSU
Incident Response Procedures
Review the procedures needed to report and incident.