I am not a fan of Norm Coleman, who happens to be a Republican senator from
So if you are reading this and thinking to yourself, "Oh deary me, now I have to change everything". Fret not. First, these bills must become law. Then OMB needs to decide how they are going to implement it. Lastly, you are probably doing all of what it is asking already. The only thing that agencies will really have to worry about is making sure that inventories are controlled and when employees or contractors are terminated that the government equipment is returned.
Further, this has been tried before and didn't make it. If you are an outsourced system, you should know that you will be subject to law.
4 comments:
Hi Chris
I don't think a breach law aimed at the agencies will do anything above and beyond what already exists--ie, OMB Memo 06-19. So my big question is, "What's the value added?"
I'm not so sure what you mean by the last paragraph--it's non-sequitor.
Cheers
--Mike
I think you are right. I should have been more clear in my sarcasm.
As far as the last paragraph I was referring to the last two attempts at making a Data Breach law. The last sentence I aimed at a few contractors that I have run up against.
So what do you mean with "a few contractors I have run up against"? That's such a tease of a comment. =)
Just curious because I deal with boundaries between government systems and contractor systems all day long, being the security manager for a managed service provider. There are some parts of my operations that you simply can't own for various reasons.
I talk about this stuff all the time on my blog, check it out. =)
I will do a full post on boundary issues. It is far too much for a comment.
But I will read your web log.
Post a Comment