time server

How the Time on your Computer Affects NIST SP 800-171 Compliance

There are many intricate requirements related to NIST SP 800-171 including how time on your computer is calculated.

Join our newsletter:

Which NIST SP 800-171 is related to time?

NIST SP 800-171 Security control 3.3.7 states “Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.”

How to Meet NIST SP 800-171 3.3.7 Requirement

To meet this requirement you need to ensure that your information system components such as laptops, desktops, network devices, and servers are synchronized with an “authoritative” time source. The best example and the solution you should probably use as an authoritative time source is time.nist.gov.
Configure your laptops, desktops, network devices, and servers to sync their system clocks with time.nist.gov. To learn how to do this simply perform an online search on how to set the system time server for a given device.

Why this Requirements is Important

If your system does not keep accurate time they will incorrectly create time stamps for audit logs. This inhibits your ability to investigate security incidents. Imagine if all of your systems have different times? It will be very difficult to correlate events from one system to another. Performing an investigation into a cyber incident is extremely difficult if system times are not synchronized with an authoritative time source.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.