VA to certify project security
The new cybersecurity chief at the Department of Veterans Affairs said program managers will be asked to sign a contract certifying that they have installed security protections with every project they build.
The new cybersecurity chief at the Department of Veterans Affairs said program managers will be asked to sign a contract certifying that they have installed security protections with every project they build.
Bruce Brody, associate deputy assistant secretary for cybersecurity, said the new policy creates departmentwide security requirements and is necessary because security is often overlooked.
"There's a lot of independent action going on," he said. "It's the renegades. It's the people who can put an uncertified network up there."
A separate telecommuting policy — still in draft stages and due out later this year — will also highlight security issues, Brody said. That policy will require workers who telecommute to use a computer strictly dedicated to VA work, he said. Not long ago, an employee in the Midwest connected to his office using a personal computer and transmitted a virus to VA headquarters.
NEXT STORY: E-signatures battle 'fear factor'