Standards body drafts guide on preventing data breaches
By Heather Greenfield, National Journal's Technology Daily
The National Institute for Standards and Technology has released a draft of its new guide to better protect federal agencies from data breaches.
The 387-page guide is designed to help agency technical teams evaluate whether the security controls they have actually work as intended to protect information systems from being compromised.
It is designed as a companion to an earlier publication on minimum security controls for federal information systems. That guide, according to lead author Ron Ross, defines the different security controls required by the federal government -- including encryption, identification and authentication of users, access control to systems, personnel security and physical security.
Full story: http://www.govexec.com/story_page.cfm?articleid=37161&dcn=e_gvet
