The National Institute of Standards and Technology (NIST), a division of the Department of Commerce, has issued new guidelines for RFID security.

The NIST report focuses on RFID applications for asset management, tracking, matching, and process and supply chain control. Its list of recommended practices for ensuring the security and privacy of RFID systems includes:
• firewalls that separate RFID databases from an organization’s other databases and information technology (IT) systems;
• encryption of radio signals when feasible;
• authentication of approved users of RFID systems;
• shielding RFID tags or tag reading areas with metal screens or films to prevent unauthorized access;
• audit procedures, logging and time stamping to help in detecting security breaches; and
• tag disposal and recycling procedures that permanently disable or destroy sensitive data.