[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Army prepping Information Assurance policy
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
http://www.fcw.com/fcw/articles/2003/0609/web-armyia-06-09-03.asp
Army prepping IA policy
By Dan Caterinicchia
June 9, 2003
The Army is preparing an information assurance (IA) policy that will
guide the way the service implements a Defense Department IA
directive.
An enterprise information assurance policy is one of three key pillars
needed to support the Army Knowledge Management (AKM) imperatives of
defending networks, supporting the Objective Force and lowering the
total cost of information technology ownership, said Robert Ringdahl,
chief integration officer at Network Enterprise Technology Command's
Enterprise Systems Technology Activity.
The Army policy is in draft form and should be ready for release by
September, Ringdahl said during a June 5 speech at the Army Small
Computer Program's IT conference.
"It will be the Army's implementation policy of [DOD's 8500.1]
directive," he told Federal Computer Week.
Directive 8500.1 was issued in late October 2002 and calls for Defense
agencies to protect data as it is shared across the Global Information
Grid. Furthermore, DOD Instruction 8500.2, dated Feb. 6, sets forth
the way that rules and policies in the directive are implemented. The
instruction is designed to ensure that information awareness training
and education are provided to all military and civilian personnel,
specific to their responsibilities for developing, using and
maintaining DOD information systems.
Col. Ted Dmuchowski, director of information assurance at the Network
Enterprise Technology Command, said the new Army policy is really an
updated information assurance regulation that will align and
consolidate the service's information assurance goals and objectives
to support DOD Directive 8500.1 and Instruction 8500.2.
"The policy will reduce the manageability requirements of information
systems, minimize the effects of unauthorized access or loss, and
increase the effectiveness of IA integration as part of the life cycle
of all information systems, Dmuchowski said.
He noted that the "cornerstone philosophy of Army information
assurance" is to:
* Design, implement and secure accesses, data, systems and
repositories.
* Increase trust and trusted relationships.
* Employ technical and operational security mechanisms.
* Deny all unauthorized accesses.
* Permit necessary exceptions to support Army, DOD, and Joint
interagency and multinational tactical and sustaining-base
operations.
In addition to creating the Army's information assurance policy,
Ringdahl said the service must deal with two other key pillars to
support its AKM imperatives: the role of reimbursable funding vs. cost
funding, and the role of Microsoft Corp. -- which appears to be
clearer with the May 30 award of an enterprise software agreement.
The funding question is "evolving and [is] a topic of intense
discussion" among the Army's IT leaders, he said, adding that
decisions must be made whether reimbursements will be done at the
individual user or major command level.
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.