Skip to main content
U.S. flag

An official website of the United States government

Security Measures for “EO-Critical Software” Use

Publishing guidance that outlines security measures for critical software use – including applying practices of least privilege, network segmentation, and proper configuration – is one of NIST’s assignments to enhance the security of the software supply chain called for by a May 12, 2021, Presidential Executive Order on Improving the Nation’s Cybersecurity (14028). NIST considered extensive input from the public via a call for position papers and workshop and has worked closely with the Cybersecurity & Infrastructure Security Agency (CISA) and Office of Management and Budget (OMB) in producing this guidance.

The security measures for "EO-Critical Software" Use are also included in a NIST white paper.

Questions about this guidance should be directed to: swsupplychain-eo@nist.gov

Created July 8, 2021, Updated July 9, 2021