[ISN] USAID waives FISMA for iPads

From: InfoSec News <alerts_at_private>
Date: Fri, 15 Apr 2011 00:13:40 -0500 (CDT)
http://www.fiercegovernmentit.com/story/usaid-waives-fisma-ipads/2011-04-13

By Molly Bernhart Walker
FierceGovernmentIT 
April 13, 2011

Many U.S. Agency for International Development workers are using 
iPads--a fact that recently drew the ire of Secretary of State Hillary 
Clinton when she sat next to a USAID official on a plane, said Jerry 
Horton, chief information officer at USAID. Horton spoke April 7 at a 
cloud computing forum at the National Institute of Standards and 
Technology in Gaithersburg, Md.

Clinton wanted to know why a USAID official could have an iPad while 
State Department officials still can't. The secret, apparently, lies in 
the extensive use of waivers. It's "hard to dot all the Is and cross all 
the Ts," Horton said, admitting that not all USAID networked devices are 
formally certified and accredited under Federal Information Security 
Management Act.

"We are not DHS. We are not DoD," he said.

While the State Department requires high-risk cybersecurity, USAID's 
requirements are much lower, said Horton. "And for what is high-security 
it better be on SIPR."

Horton also said his agency doesn't feel bound to "CONUS support," 
referring to the data sovereignty issues some agencies face. If USAID 
workers are in Afghanistan, it makes much more sense for them to use 
mobile devices that touch servers in Doha rather than servers in the 
United States, he explained.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Thu Apr 14 2011 - 22:13:40 PDT

This archive was generated by hypermail 2.2.0 : Thu Apr 14 2011 - 22:24:17 PDT