DoD, GSA and NASA are proposing to amend the FAR with a new subpart and contract clause for anyone contracting with Uncle Sam or handling government data. The changes would require contractors or organizations handling government data to take certain information security measures and these would be contractually required.
Written comments are due on or before October 23rd, and the FAR case is 2011-020.
"Basic safeguarding" of data includes such items as:
- Use of public computers
- Intrusion protection
- Transmitting of electronic information
- Physical and electronic barriers
According to the proposed rule, basic protection measures are
"first-level information technology
security measures used to deter
unauthorized disclosure, loss, or
compromise."
It is interesting to note that although these should already be included under FISMA it also pertains to the use of COTS products. Anyone contracting with Uncle Sam should keep abreast of the changes and provide comments.
http://www.gpo.gov/fdsys/pkg/FR-2012-08-24/pdf/2012-20881.pdf
No comments:
Post a Comment