Advertise Search Members Free Magazines Newest Links Categories Register Login

Application Security Architecture Authentication Certifications Corporate Compliance Cryptology Disaster Recovery Enterprise Security Exploits Firewalls Incident Handling Intrusion Detection Link Directory OS Security Policies and Procedures Security Basics Security Management Security Tools Servers Standards Techie Humor VoIP Vulnerability Management Web Security WIFI Security Worms and Viruses Definition of Government Government compliance involves laws, acts, and legislation that requires agencies to more effectively manage the security of its IT systems. Most Popular Sponsor 802.1X Authentication Standard for Network Access Control

Government DITSCAP Security Checklists, STIGs FISMA Computer Security Act of 1987 In 1987, the US Congress, led by Rep Jack Brooks, enacted a law reaffirming that the National Institute for Standards and Technology (NIST), a division of the Department of Commerce, was responsible for the security of unclassified, non-military government computer systems, under the law, the role of the National Security Agency (NSA) was limited to providing technical assistance in the civilian security realm. Congress rightly felt that it was inappropriate for a military intelligence agency to have control over the dissemination of unclassified information. Read the Article Presidential Decision Directive/NSC - 29 The end of the Cold War has dramatically changed the threats that defined the security policies and procedures for protecting our government's information, facilities and people. While some threats have been reduced, others have remained relatively stable or have increased. Our understanding of the range of issues that affect our national security continues to evolve. Economic issues are of increasing concern and are competing with traditional political and military issues for resources and attention. Technologies, from those used to create weapons of mass destruction to those that interconnect our computers, are evolving and proliferating. With this greater diversity of threats, there is wide recognition that the security policies, practices and procedures developed during the Cold War must be reexamined and changed. We require a new security process based on sound threat analysis and risk management practices. Read the Article National Security Presidential Directive 1. The National Security Act of 1947, as amended, established the National Security Council to advise the President with respect to the integration of domestic, foreign, and military policies relating to national security. National security includes the defense of the United States of America, protection of our constitutional system of government, and the advancement of United States interests around the globe. National security also depends on America's opportunity to prosper in the world economy. That remains its purpose. The NSC shall advise and assist me in integrating all aspects of national security policy as it affects the United States - domestic, foreign, military, intelligence, and economics (in conjunction with the National Economic Council (NEC)). The National Security Council system is a process to coordinate executive departments and agencies in the effective development and implementation of those national security policies. Read the Article Federal Information Security Management Act Overview of the Federal Information Security Management Act (FISMA) of 2002. The purposes of this subchapter are to (1) provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets; (2) recognize the highly networked nature of the current Federal computing environment and provide effective governmentwide management and oversight of the related information security risks, including coordination of information security efforts throughout the civilian, national security, and law enforcement communities. Read the Article Presidential Decision Directive 63 This White Paper explains key elements of the Clinton Administration's policy on critical infrastructure protection. It is intended for dissemination to all interested parties in both the private and public sectors. It will also be used in U.S. Government professional education institutions, such as the National Defense University and the National Foreign Affairs Training Center, for coursework and exercises on interagency practices and procedures. Wide dissemination of this unclassified White Paper is encouraged by all agencies of the U.S. Government. Read the Article OMB Circular No. A-130 Circular No A-130 provides uniform government-wide information resources management policies as required by the Paperwork Reduction Act of 1980. As amended by the Paperwork Reduction Act of 1995, 44 USC Chapter 35. This Transmittal Memorandum contains updated guidance on the "Security of Federal Automated Information Systems," Appendix III and makes minor technical revisions to the Circular to reflect the Paperwork Reduction Act of 1995 (P.L. 104-13). The Circular is reprinted in its entirety for convenience. Read the Article A Guide to Government Security Mandates To reverse a trend of weak security in government computer systems, Congress has passed legislation that requires federal agencies to more effectively manage the security of its IT systems. A fundamental component of this improved security management is System Certification. System Certification provides a holistic view of the state of security for each system by identifying the risks associated with the system, identifying the countermeasures implemented to mitigate those risks, explaining how security is implemented, planning for system downtimes and emergencies, and providing a formal plan to improve the security in any one of these areas. This document identifies each major component of the System Certification process and provides an overview of each. This document endeavors to provide the reader with a solid understanding of the certification process, the order in which the steps should be completed, and some lessens learned from actual experience. Read the Article U.S. Government IT Security Laws Several laws have been passed to secure those doors of ill-intent while maintaining windows for the public. One such law is the Federal Information Security and Management Act (FISMA). Read the Article Mobile Mesh Networks Connect First Responders Traditional network availability has proven to be difficult to maintain in unpredictable environments such as firestorms, natural disasters, and terrorist situations. Too often communications depend on access to fixed or temporary infrastructure and are limited by range or line of sight constraints. Radio interoperability between jurisdictions, always an issue for responders, became a homeland security issue after 9/11. Proprietary radios and multiple standards make it virtually impossible for different agencies to cooperate in a scaled response to a major disaster. Making data available instantly between emergency first responders from multiple agencies and jurisdictions and in even the most unpredictable situations requires a powerful, flexible, and reliable wireless solution. Read the Article Members currently browsing this category:

Copyright 2008 AttackPrevention