Howard Schmidt wrote on the White House blog that agencies should achieve 95 percent utilization of the administration’s priorities regarding federal information systems.
Schmidt’s office, the Office of Management and Budget, the National Institute of Standards and Technology and the departments of Defense and Homeland Security collaborated to identify the priorities.
The first priority is trusted Internet connections, Schmidt wrote.
Agencies should consolidate their external telecommunication connections and develop a baseline set of security capabilities for situational awareness and monitoring.
Second, Schmidt wrote that agencies should prioritize continuous monitoring of federal information systems.
Continuous monitoring helps security personnel make decisions based on risk management, according to Schmidt.
Schmidt’s third priority is focusing authentication based on more than passwords.
Personal identity verification and common access cards provide multi-factor authentication.
This priority is in line with a recent report that the Defense Advanced Research Projects Agency planned to eliminate passwords, instead using behavioral traits as markers of user identification.