8. Building Effective Security into Acquisitions

Enforce existing requirements

In 2011 the White House via OMB issued a Memo M-11-11 that stated "Effective the beginning of FY2012, existing physical and logical access control systems

must be upgraded to use PIV credentials , in accordance with NIST guidelines, prior to the agency

using development and technology refresh funds to complete other activities." https://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-11.pdf. This memo, had it been followed with determination, could have mitigated risk to federal IT systems through virtually eliminating the risk of breach due to compromised credentials.

Add tags and help us assess and classify your idea. Pick from the list below or type in a new tag.

Voting

5 votes
Public Input
Idea No. 32