[OpenAFS] govenen laptop encryption requiements
Gary Buhrmaster
gtb@slac.stanford.edu
Mon, 19 Feb 2007 11:26:10 -0800
ted creedon wrote:
> Have openafs users been affected by
> http://www.whitehouse.gov/omb/memoranda/fy2006/m06-16.pdf ?
Anyone who is a "Fed" (or a Fed contractor) has had to deal
with that memo, and address the issues (quite some time
ago, actually). Primarily, the point is to insure there is
not another VA incident (loss of PII). If your agency has
to deal with this, there are a number of interesting
interpretations available via your favorite beltway bandit
regarding the actual steps needed to fully comply(*). I do
not recall that OpenAFS had any special advantages or
disadvantages in addressing the compliance issues for this
memorandum, but your agency compliance officers may have a
different point of view, and are the officials to ask for
definitive answers.
Gary
(*) For those that are not conversant in Fed-speak (and
for those who try to avoid it), Fed memos do not
always say what you think they say. Common English
interpretations of the words written do not always
result in the correct (in Fed-speak) interpretations.
You often need one of the consultant firms to
provide the guidance as to how they will actually
be interpreted and measured against.