[LINK] Whitehouse security announcement: 30-Jun-07 "comply or, don't connect" applications

[steve jenkin]

Wow!
Wonder if any other Govt. will follow...

>From SANS NewsBites Vol. 9 Num. 23
<http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=23>
> FLASH ANNOUNCEMENT: The White House just released (at 9 AM Tuesday,
> March 20) a directive to all Federal CIOs, requiring that all new IT
> system acquisitions, beginning June 30, 2007, use a common secure
> configuration and, even more importantly, requiring information
> technology providers (integrators and software vendors) to certify that
> the products they deliver operate effectively using these secure
> configurations. This initiative builds on the pioneering "comply or
> don't connect" program of the US Air Force; it applies to both XP and
> Vista, and comes just in time to impact application developers building
> applications for Windows Vista, but impacts XP applications as well.  

> No
> VISTA application will be able to be sold to federal agencies if the
> application does not run on the secure version (SSLF) of Vista.  XP
> application vendors will also be required to certify that their
> applications run on the secure configuration of Windows XP. The benefits
> of this move are enormous: common, secure configurations can help slow
> bot-net spreading, can radically reduce delays in patching, can stop
> many attacks directly, and organizations that have made the move report
> that it actually saves money rather than costs money.
-- 
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA

sjenkin at canb.auug.org.au http://www.canb.auug.org.au/~sjenkin