U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Naomi Lefkovitz (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 25

Mobile Device Security: Bring Your Own Device (BYOD)

September 28, 2023
Author(s)
Gema Howell, Katie Boeckl, Nakia R. Grayson, Naomi Lefkovitz, Jason Ajmo, R. Eugene Craft, Milissa McGinnis, Kenneth Sandlin, Oksana Slivina, Julie Snyder, Paul Ward
Many organizations provide employees the flexibility to use their personal mobile devices to perform work-related activities. An ineffectively secured personal mobile device could expose an organization or employee to data loss or a privacy compromise

American Competitiveness Of a More Productive Emerging Tech Economy Act (The American COMPETE Act)

August 11, 2023
Author(s)
Commerce Secretary, Kevin A. Kimball, Matthew Hoehler, Anne Lane, Elham Tabassi, Connie LaSalle, Mark VanLandingham, James A. Warren, Naomi Lefkovitz, Nada T. Golmie, Chris Greer, Matthew Scholl, Dylan Yaga, Andrew C. Wilson, Kevin Stine, Karen Reczek, Institute for Defense Analyses Science and Technology Policy Institute (IDA STPI), Quantum Economic Development Consortium (QED-C), Federal Trade Commission (FTC)
Under DIVISION FF, Title XV, §1501 of the Consolidated Appropriations Act of 2021 (Public Law 116-260)—the "American Competitiveness Of a More Productive Emerging Tech Economy Act" (the "American COMPETE Act")—the United States Congress directed the

Consideraciones para la gestion de riesgos a la ciberseguridad y la privacidad de internet de las cosas (IoT)

March 29, 2021
Author(s)
Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, danna o'rourke, Karen Scarfone, Benjamin Piccarreta, Ellen Nadeau
La internet de las cosas (IoT) es un conjunto de diversas tecnologías que evolucionan y se difunden con rapidez, y que interactúan con el mundo físico. Muchas organizaciones no se dan cuenta del gran número de dispositivos de IoT que ya están utilizando

Consideracoes para Gerenciar Riscos de Privacidade e Seguranca Cibernetica na Internet das Coisas (IoT)

March 29, 2021
Author(s)
Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, Ellen Nadeau, Benjamin Piccarreta, Karen Scarfone, Danna O'Rourke
A Internet das Coisas (IoT) é uma coleção em rápida evolução e expansão de diversas tecnologias que interagem com o mundo físico. Muitas organizações não estão necessariamente cientes do grande número de dispositivos IoT que já estão usando e como eles

Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)

September 15, 2020
Author(s)
Gema E. Howell, Kaitlin R. Boeckl, Naomi B. Lefkovitz, Ellen M. Nadeau, Joshua M. Franklin, Behnam Shariati, Jason Ajmo, Christopher J. Brown, Spike E. Dog, Frank Javar, Michael Peck, Kenneth F. Sandlin
Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. Securing these devices is essential to the continuity of business operations. While mobile devices can increase efficiency

NIST Privacy Framework: An Overview

June 25, 2020
Author(s)
Kaitlin R. Boeckl, Naomi B. Lefkovitz
This bulletin summarizes the information found in the voluntary NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Version 1.0). The Privacy Framework is a tool developed in collaboration with stakeholders intended to

Digital Identity Guidelines: Authentication and Lifecycle Management [includes updates as of 03-02- 2020]

March 2, 2020
Author(s)
Paul A. Grassi, James L. Fenton, Elaine M. Newton, Ray Perlner, Andrew Regenscheid, William E. Burr, Justin P. Richer, Naomi Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen K. Greene, Mary Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of

Digital Identity Guidelines: Enrollment and Identity Proofing [includes updates as of 03-02-2020]

March 2, 2020
Author(s)
Paul A. Grassi, James L. Fenton, Naomi Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen K. Greene, Mary Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the enrollment and

Digital Identity Guidelines: Federation and Assertions [includes updates as of 03-02-2020]

March 2, 2020
Author(s)
Paul A. Grassi, Justin P. Richer, Sarah K. Squire, James L. Fenton, Ellen M. Nadeau, Naomi B. Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen Greene, Mary F. Theofanos
This document and its companion documents, SP 800-63, SP 800-63A, and SP 800-63B, provide technical and procedural guidelines to agencies for the implementation of federated identity systems and for assertions used by federations. This publication

Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

June 25, 2019
Author(s)
Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, Ellen M. Nadeau, Benjamin M. Piccarreta, Danna G. O'Rourke, Karen A. Scarfone
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT

Digital Identity Guidelines: Authentication and Lifecycle Management [including updates as of 12- 01-2017]

December 1, 2017
Author(s)
Paul A. Grassi, Ray A. Perlner, Elaine M. Newton, Andrew R. Regenscheid, William E. Burr, Justin P. Richer, Naomi B. Lefkovitz, Jamie M. Danker, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of

Digital Identity Guidelines: Enrollment and Identity Proofing Requirements [including updates as of 12-01-2017]

December 1, 2017
Author(s)
Paul A. Grassi, Naomi B. Lefkovitz, James L. Fenton, Jamie M. Danker, Yee-Yin Choong, Kristen Greene, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the enrollment and

Digital Identity Guidelines: Federation and Assertions [including updates as of 12-01-2017]

December 1, 2017
Author(s)
Paul A. Grassi, Ellen M. Nadeau, Justin P. Richer, Sarah K. Squire, James L. Fenton, Naomi B. Lefkovitz, Jamie M. Danker
This document and its companion documents, SP 800-63, SP 800-63A, and SP 800-63B, provide technical and procedural guidelines to agencies for the implementation of federated identity systems and for assertions used by federations. This publication

Digital Identity Guidelines: Authentication and Lifecycle Management

June 22, 2017
Author(s)
Paul A. Grassi, Elaine M. Newton, Ray A. Perlner, Andrew R. Regenscheid, William E. Burr, Justin P. Richer, Naomi B. Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen Greene, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of

Digital Identity Guidelines: Enrollment and Identity Proofing Requirements

June 22, 2017
Author(s)
Paul A. Grassi, James L. Fenton, Naomi B. Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen Greene, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the enrollment and

Digital Identity Guidelines: Federation and Assertions

June 22, 2017
Author(s)
Paul A. Grassi, Ellen M. Nadeau, Justin P. Richer, Sarah K. Squire, James L. Fenton, Naomi Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen K. Greene
This document and its companion documents, SP 800-63, SP 800-63A, and SP 800-63B, provide technical and procedural guidelines to agencies for the implementation of federated identity systems and for assertions used by federations. This publication

Building the Bridge between Privacy and Cybersecurity for Federal Systems

April 19, 2017
Author(s)
Naomi B. Lefkovitz, Ellen M. Nadeau, Larry Feldman, Gregory A. Witte
This bulletin summarizes the information in NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Information Systems which provides an introduction to the concepts of privacy engineering and risk management for federal

An Introduction to Privacy Engineering and Risk Management in Federal Information Systems

January 5, 2017
Author(s)
Sean W. Brooks, Michael E. Garcia, Naomi B. Lefkovitz, Suzanne Lightman, Ellen M. Nadeau
This document provides an introduction to the concepts of privacy engineering and risk management for federal information systems. These concepts establish the basis for a common vocabulary to facilitate better understanding and communication of privacy