InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,537.02
(
0.51%
)
US TECH 100
19,634.80
(
0.80%
)
Dow Jones
39,308.00
(
-0.06%
)
Brent Oil
86.91
(
0.53%
)
Bitcoin
59,791.91
(
-3.60%
)
Post# of 249191
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

svenm

Send PM Follow Ignore
Followers 6
Posts 585
Boards Moderated 0
Alias Born 07/23/2003

svenm

Re: awk post# 217381

Friday, 11/04/2011 9:58:35 AM

Friday, November 04, 2011 9:58:35 AM

Post# of 249191
Re: "Asleep at the Switch" discussion. From the FAQ DoD Policy Memorandum dated 3/19/2008: Is Microsoft’s EFS or Windows Vista DoD-approved for encrypting DAR?

At this time, Microsoft’s Encrypting File System (EFS) and Windows Vista BitLocker are not FIPS 140-2 validated, therefore they should not be used to encrypt unclassified data (not publicly releasable) on DoD mobile computing devices or removable storage media. Several DoD Components have used EFS as a stop-gap measure until the DARTT procurement process was completed, which represented an acceptable use of EFS. OMB and DoD now require FIPS 140-2 compliant encryption products, therefore Components using EFS will have to migrate to approved encryption products. If EFS or Vista BitLocker receive FIPS 140-2 validation, they will become an approved solution for encrypting DoD unclassified DAR. Other products that contain approved NSA cryptographic modules can also be used to encrypt DoD DAR. According to the 21 March 2007 DAR Encryption Acquisition Memo (signed by the Deputy DoD CIO), DAR encryption that is bundled into a larger, inclusive technology (such as BitLocker in Vista OS or Seagate encrypted hard drives in Dell laptops) can be purchased outside of the DARTT Blanket Purchase Agreements. It is an OMB and DoD requirement that all encryption products meet NIST FIPS 140-2 requirements or have an NSA Approval Letter for use in US Government networks.

Back to Questions


Why is the Trusted Platform Module (TPM) being mandated in this memo?

The TPM paragraph was inserted into this memo to ensure all new DoD computer assets have this module since there are many future software products that will use the security features of the TPM. Supporting TPM is a desirable requirement at this time since many DoD components want to leverage its capabilities in the future for the protection of DAR on mobile computing devices. Legacy systems will not be required to be retrofitted with TPM. Based upon Service inputs, TPM is already being mandated by some Services, it’s readily available on the commercial market, and in most cases is standard on new computer equipment.


I was assured by a Wave representative that "DART is not required for SED solutions as it is not software it is an embedded solution MS is also embedded and is not on DART".

Put that in your pipe and smoke it! We may not get all those contracts for 1 M total DoD units, but at least we may be in the running if we wish!

Svenm
Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up