Time to Get Serious about Controlled Unclassified Information

It’s time to start getting serious about Controlled Unclassified Information (CUI) and the implementation of a solution that ensures compliance. It is expected that the 32 Code of Federal Regulations (CFR) 2002 will be completed in the November-December 2015 time frame. With the rules and markings in place, the National Archives and Records Administration (NARA) will release the official Marking Handbook to kick off the phased implementation process.

TITUS Classification software can help any department easily comply with these regulations. By using the TITUS classification and marking solution, organizations can enhance their overall security program and realize the following benefits:

  1. Ensure information marking: The solution ensures that all documents and email are marked at the point of creation, before the information can be sent, saved, or printed.
  2. Comply with government marking standards: With its configurable user interface, the TITUS software ensures that users comply with the CUI framework. And because it is a commercial-off-the-shelf (COTS) solution, agencies can comply with CUI with minimal impact to internal IT and software development resources.
  3. Raise user awareness through visual markings: The solution automatically applies common, consistent markings to documents and email, including headers, footers, watermarks, and handling instructions. These markings raise CUI awareness and encourage information sharing and proper handling of sensitive information.
  4. Prevent inadvertent disclosure: The solution warns users when they are violating policy, such as sending an email with controlled technical data to a recipient who does not have clearance to read it. These warnings prevent data leaks before the information leaves the desktop and provide users with targeted security education.
  5. Automate security technologies: The user’s marking selection can automatically trigger the application of encryption technologies, such as S/MIME or Microsoft AD Rights Management Services.
  6. Generate metadata for enhanced information sharing: Other security solutions, such as data loss prevention (DLP) solutions, can use the marking metadata to make intelligent policy decisions for information sharing.
  7. Gain insight into user activity: The TITUS solution can record classification actions and user responses to policy violations. These audit logs can be aggregated into reports that provide insight into information flow, user behavior, and the security policy effectiveness.

This is just the beginning of the CUI discussion, so be sure to subscribe to the TITUS blog for more on this topic.

Leave a Reply