DOD proposes systems security amendment to DFARS

The Defense Department plans to remind its acquisition workers that they must adhere to two new policies for securing systems and networks.

DOD acquisition officials need to comply with directives 8500.1 and 8500.2 when buying technology, according to a proposed amendment to the Defense Federal Acquisition Regulation Supplement that addresses information assurance requirements related to IT acquisition.

Both directives implement the National Security Telecommunications and Information Systems Security Committee's Policy No. 11, which requires information assurance be added to all Defense systems used to enter, process, display or transmit national security information.

'For all acquisitions, the requiring activity is responsible for providing to the contracting officer statements of work, specifications or statements of objectives that meet information assurance requirements,' said the proposal, which the department released Friday.

The directives also require that vendors provide or use IT that has been accredited as meeting the appropriate requirements. Vendors must submit documentation proving accreditation.

The government can choose to 'conduct additional tests to ensure that IT delivered under a contract satisfies the information assurance standards,' the amendment added.

Directive 8500.2, released in February, is the second part of a strategy to address the changing systems security needs within the department. DOD issued the first part, 8500.1, in October. The directives create a framework for DOD to follow to protect its information systems.

The policies cover several areas, including access control and firewall protection. They also place Defense systems in four categories:

  • Automated applications enclaves, which include networks


  • Outsourced IT


  • Platform IT interconnections, such as weapons systems


  • Sensors.


  • DOD will accept comments about the proposed amendment until July 22.

    Featured

    • 2020 Government Innovation Awards
      Government Innovation Awards - https://governmentinnovationawards.com

      21 Public Sector Innovation award winners

      These projects at the federal, state and local levels show just how transformative government IT can be.

    • Federal 100 Awards
      cheering federal workers

      Nominations for the 2021 Fed 100 are now being accepted

      The deadline for submissions is Dec. 31.

    Stay Connected