Language Selection

English French German Italian Portuguese Spanish

Feds lay down draft rules on system security

Filed under
Security

The U.S. Commerce Department's National Institute of Standards and Technology, or NIST, has released a draft version of the minimal security requirements for federal agencies. (Download PDF) The report, published Friday, comes one month after government auditors found that the agencies are not prepared to deal with the triple Internet menaces of spam, phishing and spyware.

The requirements are meant to help the government organiztions improve their information technology security and comply with the Federal Information Security Management Act (FISMA) of 2002. The document covers 17 areas with regard to protecting the confidentiality, integrity and availability of federal information systems and the information processed, stored and transmitted by those systems. NIST has invited public comments on the draft standard until Sept. 13, 2005. After it becomes effective, federal agencies must be in compliance within one year.

By Joris Evers
CNET News.com

More in Tux Machines

Why the Open Source Stars Must Align

Open source projects like OpenStack, Docker, OPNFV and OpenDaylight are more supported and better funded than ever before. They mark a broader trend of large, active and well-resourced open source projects that are among the leaders in Big Data, cloud computing, operating systems and development practices. Open source has come a long way in 30 years – and its success marks a new era for the overall OSS community. But success does not come without potential pitfalls. One of the greatest obstacles to project success isn’t the proprietary competition – it’s the lack of communication between large open source projects like OpenStack and Docker. Read more

Myth Busting the Open-Source Cloud Part 1

On the contrary, open-source cloud computing products are designed from the outset with security in mind. For example, there are features such as identity management to monitor who has access to content, and data encryption to safeguard information while it’s at rest or in transit. Furthermore, open-source cloud software is peer-reviewed by community participants, leading to continuous improvements in the quality of security features and mechanisms. This community also monitors and rapidly discloses vulnerabilities and issues, and provides security updates to address them. Read more

What does an adult look like in an open source community?

You're no longer "just an adult." You're now trusted and looked to for opinions on how the community should grow. You're a community elder. You embody the history. You keep the history. You work together with other adults and elders to guide and make the community stronger. And to a certain extent, the community once again looks after you, just as it did in the first phase. Read more