In order to address this gap, NIST is releasing Draft Special Publication (SP) 800-209, Security Guidelines for Storage Infrastructure, which includes comprehensive security recommendations for storage infrastructures. The security focus areas covered in this document not only span those that are common to the entire IT infrastructure—such as physical security, authentication and authorization, change management, configuration control, and incident response and recovery—but also those that are specific to storage infrastructure, such as data protection, isolation, restoration assurance, and data encryption.
The public comment period for this document is open through August 31, 2020. See the publication details for a copy of the document and instructions for submitting comments.
NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.