Setting boundaries

On Oct. 30, 2002, Defense Department officials issued the Interim Defense Acquisition Guidebook, which contained the following security rules for when foreign nationals participate in software development:

Vendors must indicate whether foreign nationals participated in any way in software development, modification or remediation.

Foreign nationals employed by contractors or subcontractors to develop or modify software code for DOD must have security clearances equal to the level of the program in which the software is being used.

Primary vendors on DOD contracts may have subcontractors that employ cleared foreign nationals who work only in a certified or accredited environment.

DOD software with coding done in foreign environments or by foreign nationals must be reviewed by software quality assurance employees for malicious code.

Vendors that demonstrate efforts to minimize the security risks associated with foreign nationals will be given preference during the contracting process in product selection or evaluation.

Software quality assurance employees must check software sent to locations not directly controlled by DOD or its contractors for malicious code when it is returned to the DOD contractors' facilities.

This guidance acknowledges the additional risks associated with using foreign nationals in software development, but the procedures listed are not mandatory and, according to the guidebook, are to be used at the discretion of acquisition program managers.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.