VA to certify project security

VAnguard June/July 2001

The new cybersecurity chief at the Department of Veterans Affairs said program managers will be asked to sign a contract certifying that they have installed security protections with every project they build.

Bruce Brody, associate deputy assistant secretary for cybersecurity, said the new policy creates departmentwide security requirements and is necessary because security is often overlooked.

"There's a lot of independent action going on," he said. "It's the renegades. It's the people who can put an uncertified network up there."

A separate telecommuting policy — still in draft stages and due out later this year — will also highlight security issues, Brody said. That policy will require workers who telecommute to use a computer strictly dedicated to VA work, he said. Not long ago, an employee in the Midwest connected to his office using a personal computer and transmitted a virus to VA headquarters.

Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected