[LINK] Whitehouse security announcement: 30-Jun-07 "comply or, don't connect" applications
sjenkin at canb.auug.org.au
Wed Mar 21 13:11:33 AEDT 2007
Wonder if any other Govt. will follow...
>From SANS NewsBites Vol. 9 Num. 23
> FLASH ANNOUNCEMENT: The White House just released (at 9 AM Tuesday,
> March 20) a directive to all Federal CIOs, requiring that all new IT
> system acquisitions, beginning June 30, 2007, use a common secure
> configuration and, even more importantly, requiring information
> technology providers (integrators and software vendors) to certify that
> the products they deliver operate effectively using these secure
> configurations. This initiative builds on the pioneering "comply or
> don't connect" program of the US Air Force; it applies to both XP and
> Vista, and comes just in time to impact application developers building
> applications for Windows Vista, but impacts XP applications as well.
> VISTA application will be able to be sold to federal agencies if the
> application does not run on the secure version (SSLF) of Vista. XP
> application vendors will also be required to certify that their
> applications run on the secure configuration of Windows XP. The benefits
> of this move are enormous: common, secure configurations can help slow
> bot-net spreading, can radically reduce delays in patching, can stop
> many attacks directly, and organizations that have made the move report
> that it actually saves money rather than costs money.
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA
sjenkin at canb.auug.org.au http://www.canb.auug.org.au/~sjenkin
More information about the Link