The Defense Information Systems Agency has released three technical documents to help the Defense Department secure the department’s internal network against cyber attacks, C4ISR & Networks reported Friday.
Amber Corrin writes DISA developed a cloud access point security requirements guide that instructs defense organizations to implement measures to protect connecting channels between the DoD Information Network and web-based public cloud platforms.
The goal is to prevent disruption of cloud service provider-supported DoD missions as well as create a perimeter defense and monitoring architecture for applications hosted in commercial cloud environments.
“A CAP being fully scalable and able to support the enterprise, to include the availability of the application protection enterprise-wide, is scheduled to be ready by early 2016,” Jack Wilmer, DISA infrastructure development executive, told C4ISR & Networks.
Another guide details a framework for the department to assess cloud vendors and follow security controls for commercial cloud offerings, the report said.
DISA also issued a concept of operations document that offers incident reporting and management instructions for organizations in charge with protecting DoD cloud systems.