Regs set for security

Commercial information security products designed to protect information

systems from cyberattacks next year will have to meet strict international

standards before government agencies can purchase them.

The new National Information Assurance Acquisition Policy will be phased

in on Jan. 1, 2001, when all agencies will be encouraged to purchase only

those products that meet the standards. The National Security Telecommunications

and Information Systems Security Committee, which establishes policy on

the security of national security information systems, approved the policy

last month.

After Jan. 1, 2002, agencies will be allowed to purchase only commercial

information assurance products evaluated by accredited national laboratories

and that meet internationally recognized assurance standards.

The policy document suggests agencies that operate non-national security

systems may want to purchase only accredited products in the future as a

means to comply with Presidential Decision Directive 63, which requires

agencies to protect critical computer systems.

Government and commercial information assurance products purchased before

the effective dates are exempt. Requests for waivers must be made through

the National Security Agency.

The standards cited by the new policy include:

* The International Common Criteria for Information Security TechnologyEvaluation

Mutual Recognition Arrangement.

* The National Security Agency/National Institute of Standards andTechnology

(NIST) National Information Assurance Partnership Evaluation and Validation

Program.

* The NIST Federal Information Processing Standard validation program.

Featured

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected