DOD directive calls for using tested products

DOD directive calls for using tested products

By Bill Murray

GCN Staff

After July 1, 2002, information assurance products used by Defense Department agencies must first be evaluated by accredited national laboratories, according to a recent directive by Arthur L. Money, DOD's chief information officer.

In the directive, Money endorsed the National Security Telecommunications and Information Systems Security Committee's guidelines for acquiring commercial information assurance products.

Money, who is assistant secretary of Defense for command, control, communications and intelligence, is chairman of the committee, which represents 21 government agencies and sets national security information systems policy.

Beginning Jan. 1, Money's directive said, DOD agencies should give preference to security products evaluated by national testing laboratories. Committee members have also encouraged civilian government officials to favor accredited security products.

In a March 9 speech to members of the Armed Forces Communications and Electronics Association, Money said that information assurance and critical infrastructure protection means having nonstop network availability, data confidentiality and privacy, nonrepudiation of digital signatures for legal purposes, message authentication, and data integrity.

More policy information is posted on the committee's Web site, at www.nstissc.gov.

inside gcn

  • digital model of city (Shutterstock.com)

    Why you need a digital twin

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above