This system is worthless because there are no actions associated with the different levels. Strange that DHS has always been at yellow or orange but the military's FPCON has always been at Alpha+ or Bravo. What we really need to do is replace the system with DoDs FPCON and be done with it.
lower level soldiers can get there net access cut back or removed when needed to provide command guaranteed access to the network when they need it.
Ding Ding Ding. This is taking what we already have in the DSN military phone system and applying it to the tactical and strategic networks. This is more of an issue on the tactical Joint Network Node (JNN) networks as the military continues to expand with the entire BCS suite. CPOF alone demands priority networks to work well between sites. As everything gets digitized the network is getting saturated and it cant grow like this without some sort of traffic control. A JNN can take a good amount of load but the associated Command Post Nodes (CPN) max out real quick.
In a DoD environment I Tunes, Amazon Downloader, and other legal forms of downloading music are prohibited from being on the systems as being outside the baseline. I can only speak for the Army but the regulation does not consider music in general stealing. Quoting from AR 25-2 page 27...
(7) Certain activities are never authorized on Army networks. AUPs will include the following minimums as
prohibited. These activities include any personal use of Government resources involving: pornography or obscene
material (adult or child); copyright infringement (such as the sharing of copyright material by means of peer-to-peer
software); gambling; the transmission of chain letters; unofficial advertising, soliciting, or selling except on authorized
bulletin boards established for such use; or the violation of any statute or regulation.
In short DISA wrote bad flash training on this one scenario. DoD 8500 series and agency specific regulations DO NOT refer to it as stealing.
Chrome does not install in
While is might be OK to say FU to MS, saying FU to IT departments ensures that it wont be installed per company policy. Anything that you want business to adopt on a serious scale has to be something they can manage across the company with ease. For Windows that means being able to mange settings and restrictions through group policy and having an MSI installer. Without that company policy will not really change because IE's management cost is already accepted as part of the enterprise while you have to have a separate process for Firefox. If your running MS on the desktop, the plan is built in for IE making any other cost extra. I realize that both are available for Firefox BUT they come from organizations other than Mozilla. While IT might be fine with getting it from an outside source, management defiantly balks on this.
3. Inspector then moves on to the server room, where Linux is installed. Inspector can't determine that "latest Microsoft patches are installed", so machines are marked as non-compliant.
The FederalGgovernment uses Linux as well and there are published security standards for it. The NSA and DISA both publish security guides and implementation guidelines for Linux. NSA Secure Configuration Guides DISA STIGS . This will require training for your typical enforcement droid but is not out of reach. To say that regulation would require Microsoft only is ignoring the fact that *nix is very much in use in the Federal Government
The multiple computer problem in a domain is solved by setting up a PKI through certificate services. This combined with a logon script to encrypt the profile directory takes care of those problems. If you are doing EFS on a large scale in a domain you would be crazy not to use a PKI. Another advantage to this is should the certificate get lost you can set recovery keys that a admin can use to decrypt the data.
This can also in a windows domain be used to create bitlocker keys as well which encrypts the entire system.
"The only way for a reporter to look at a politician is down." -- H.L. Mencken