Home / News / DoD Eyes FedRAMP-Based Process for Acquisition of Mobile App Security Services

DoD Eyes FedRAMP-Based Process for Acquisition of Mobile App Security Services

The Defense Department plans to roll out a new process for its acquisition of mobile application security services based on the Federal Risk and Authorization Management Program model, Federal News Radio reported Monday.

John Zangardi, acting DoD chief information officer, signed the mobile application security requirements memorandum which was designed to establish a baseline standard for applications as well as advocate reciprocity throughout the military.

“The [National Information Assurance Partnership] developed the baseline set of security requirements for organizations engaged in locally evaluating mobile applications … These requirements are achievable, testable, and repeatable and provide a basis for technical evaluation and risk determination by Authorization Officials,” said Zangardi in the memo.

Zangardi directed DoD agencies and service branches to utilize the “Requirements for Vetting Mobile Applications from the Protection Profile for Application Software” NIAP profile and tasked the Defense Information Systems Agency to create a portal for the new process within the next 90 days.

DoD service branches and agencies will also assess applications from the mobile application portal and other commercial stores prior to its development and acquisition to determine potential security threats.

Check Also

Andrew Charles: Navy Should Determine Where AI Fits Into System

Capt. Andrew Charles, director of tactical exploitation of national capabilities for the U.S. Navy, has said the service should determine where artificial intelligence technologies apply in its operations, and where they don't, Federal News Network reported Friday.

Leave a Reply

Your email address will not be published. Required fields are marked *