Re: Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?
I have nothing to do with 800-171.
Note that only meta-data goes to the Meraki cloud, not actual customer data (or in your case "controlled" data"). You might have to be careful around AMP - but it could only possibly submit something that was sent over an unsecured channel - would hopefully no one wanting 800-171 would be doing.
When I have worked with Government bodies, once I explain the different between meta data and their actual user data they seem to be ok.
My inquiry to Cisco didn't yield a good response either as I think they didn't really understand the question. I've read rumors that this is in the works and supposed to be completed in May but I think "rumor" is the key word there.