NIST issues RFID guidelines

The National Institute of Standards and Technology last week issued guidelines and a set of best practices for the use of radio frequency technology by federal agencies, as well as private corporations. The 154-page report is titled Guidelines for Securing Radio Frequency Identification Systems.

NIST said entities deploying RFID technologies need to consider any security or privacy risks that could arise and should minimize those risks by following a list of best practices developed for RFID users. The guidelines focus specifically on the use of RFID technologies for asset management, tracking, matching and process and supply chain control.

While RFID offers the potential for organizations to improve their logistics, reduce expenses and increase safety, it also entails the risk of eavesdropping and unauthorized use, according to NIST, an organization within the Commerce Department.

NIST prepared the report to meet requirements of the Federal Information and Security Management Act of 2002 that call on NIST to assist federal agencies in adequately securing their IT systems. While intended primarily for a federal audience, the report's recommendations apply equally to the private sector, NIST said.

NIST's list of best practices include installing firewalls between RFID databases and an organization's other IT systems, encryption of RFID signals, authentication systems to identify approved users, shielding of RFID tags to prevent eavesdropping, audit procedures such as logging and time stamping to detect breaches and disabling or destroying used tags to protect sensitive data.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected