Snippets of my views to getting rid of End User IA training in the DoD. The article that got me going (besides the horrid training DoD provides) is linked below. Comment if you have any comments for OR against. I really would like to crowd source this.
Ok, so from Part 1, we learned some of the analysis that should take place. In this part, we will look at Step 2. From an infrastructure standpoint, your facility should have at least CAT5e running from a central location (core) to your facility/building (distribution) to multiple switches that connect to the user access locations. Take my infrastructure for example:
After fully completing a Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), I feel compelled to give a roadmap to a successful Authority To Operate (ATO). I will be breaking this down into major muscle movements with smaller “one off” guides to the smaller but important pieces. I was given nothing. No existing infrastructure, equipment, or direction. Only “GET IT CERTIFIED!”. Now, let the journey begin.
Ok, so you’ve already been certified before and now you find yourself in the chute for recertification. I hope you have been keeping up on your network/server/build/CCB documentation over the last three years. If not, this is going to be unpleasantly painful…