The federal government is pushing ahead with its agenda to improve the security of public and private networks, working to garner support for key components and developing plans to refocus the National Information Assurance Partnership. Specifically, the NIAP is crafting two . . .
The federal government is pushing ahead with its agenda to improve the security of public and private networks, working to garner support for key components and developing plans to refocus the National Information Assurance Partnership. Specifically, the NIAP is crafting two sets of security guidelines to help federal agencies lock down their networks, and many industry observers expect the provisions in the drafts to show up in recommendations for the private sector as well. The first draft, due Oct. 28, will spell out a lengthy process that IT personnel can use to certify that their systems are running securely. The second, which will be published Nov. 11, details sets of security controls that federal networks should have to be considered secure, depending on their sensitivity level.

"We have taken into account [international standards] so that these guidelines can be applied to the private sector," said Marianne Swanson, senior adviser for IT security management at the National Institute for Standards and Technology, in Gaithersburg, Md. "We can only recommend, but these are all best practices. We haven't pulled anything out of the ordinary. They should be used."

The link for this article located at eWeek is no longer available.