Policy briefs

NIST draft security guides out

The National Institute of Standards and Technology released new draft guidance April 3 for dealing with two of the most common sources of security breaches: poorly configured e-mail servers and the failure to apply software patches.

The two draft guides are part of a series developed by NIST's Computer Security Division and are available through its Computer Security Resource Center Web site (csrc.nist.gov).

NIST's e-mail guide is intended for systems administrators who are responsible for installing, configuring and maintaining e-mail servers and clients. It includes general information on securing e-mail applications and also provides specifics for securing the most popular ones — Microsoft Corp.'s Exchange and Unix sendmail.

NIST's draft guide on patches is intended for both managers and systems administrators. The guide addresses the low implementation rate of commercial software patches, to which experts attribute the success of most security attacks.

Poll: Surveillance still OK

The Harris Poll of Harris Interactive Inc. taken from March 13 to March 19 shows that 81 percent of those surveyed favor the use of facial-recognition technology to scan for suspected terrorists at various locations and at public events. This is down slightly from 86 percent who responded favorably six months ago.

In other findings, 59 percent of those surveyed said they favor adoption of a national identification system for all U.S citizens, down from 63 percent six months ago, and 44 percent said they favored expanded government monitoring of wireless phones and e-mail to intercept communications, while 51 percent opposed it. That compares with 54 percent who favored it six months ago, and 41 percent who did not.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected