What's hot: Endpoint security
Agencies made significant progress or completed projects in 2007 to protect sensitive information stored on network endpoints, including mobile devices, said Karen Evans, the Office of Management and Budget's administrator for e-government and information technology.
In the wake of highly publicized data breaches at the Veterans Affairs Department involving mobile devices, OMB issued directives and agencies responded by encrypting laptop PCs, flash drives, and BlackBerrys and other personal digital assistants to make sure that data cannot be accessed if the devices are lost or stolen. VA was one of the first agencies to comply by applying full-disk encryption to tens of thousands of laptop PCs and later to other mobile devices. VA has also started implementing an enterprisewide security program that includes port monitoring of its network access points.
The Federal Trade Commission encrypted the hundreds of laptop PCs it owns. Like other agencies, it has fulfilled requirements for two-factor authentication for remote access, such as passwords and tokens, and a time-out function for mobile devices, said Marc Groman, FTC's chief privacy officer.
To accelerate the process to encrypt devices, OMB, the Defense Department and the General Services Administration awarded blanket purchase agreements in June under the SmartBuy governmentwide contracting vehicle. The goal is to make it easier, faster and less expensive for agencies to secure their devices.
-- Mary Mosquera
What's not: Tracking data extracts
Unlike their fast response to endpoint security, agencies have not responded nearly as quickly to the OMB requirement to log and verify all sensitive, computer-readable data extracted from their systems. Under OMB's guidelines, agency officials must know where all their sensitive data resides, change their processes to manage it, and integrate technologies to collect and track it.
"Depending on an agency's culture or knowledge of the sensitive data in their databases, the log-and-verify security requirement could represent a fundamental but necessary change to an agency's approach to collecting, disseminating and securing data," Evans said.
Agencies are unclear on what OMB means by data extracts and sensitive information, Groman said. Furthermore, the technology is expensive and brings implementation challenges.