The Defense Department, NASA and the General Services Administration have introduced an interim rule that seeks to prohibit federal agencies and contractors from using Kaspersky Lab’s software, hardware and services by Oct. 1.
A Federal Register notice posted Friday says the regulation was introduced to amend the Federal Acquisition Regulation in compliance with a provision of the fiscal 2018 National Defense Authorization Act.
The interim rule would require contracting officers to include the prohibition in solicitations and contracts released on or after July 16 and direct vendors and subcontractors to report any Kaspersky-built products discovered during the contract’s performance period.
The agencies also asked industry input on measures the government intends to implement in order to determine potential challenges to contractors with regard to the identification of “covered articles” under the interim rule.
Interested stakeholders have until Aug. 14 to submit their comments, which will be used by the three agencies to develop the final rule.
The Department of Homeland Security issued in September 2017 a binding operational directive that requires agencies to discontinue the use of Kaspersky Lab’s anti-virus platforms and related products within 90 days to protect their information systems from potential security vulnerabilities.