How does Wasabi support Controlled Unclassified Information (CUI)?

Wasabi addresses Controlled Unclassified Information (CUI) compliance by providing customers with the ability to  to safeguard their CUI in accordance with Presidential Executive Order 13556 and 32 CFR Part 2002.  The CUI program requires that CUI be stored or handled in controlled environments that prevent or detect unauthorized access and limits and controls access to CUI within the workforce by establishing electronic barriers. Wasabi meets these requirements for handling CUI:

• Provides US Storage Regions

• Customers are responsible for creating and managing their users, access keys, roles, groups, and policies

• Customers are responsible for creating and managing their Root Users

• Supports Server-side encryption with customer-provided encryption keys (SSE-C)

• Restricts access to the S3 bucket(s) containing CUI and downloads to customer-authorized users with valid access keys

• Customer Root Users are able to generate and download both administrative logs and bucket logs to review and track activity

• Protects both sensitive data/CUI and non-CUI data with encryption

• Maintains information security policies

• Regularly tests security systems and processes

• Regularly monitors and tests networks

• Implements strong access control measures

• Tracks and monitors all access to network resources and sensitive data

  
  Please also review the Wasabi's recommended general user security Best Practices, an additional guide to help Root Users protect their Wasabi cloud data.
  

Keywords: CUI, Controlled Unclassified Information, Executive Order 13556, CCMC, NIST (800-37, 800-53, 800-171, 800-172A)