- public computers or web sites
- transmitting electronic information
- transmitting voice and fax information
- physical and electronic barriers
- sanitization (wiping hard drives)
- intrusion protection
- transfer limitations.
This proposed rule will apply to all contractors and subcontractors, regardless of size or business ownership. The FAR Councils do not believe the cost impact of compliance will be significant because first level protective measures are already employed at most locations as part of the routine course of doing business. The Councils believe that the cost of not employing first level protective measures could be very costly to both the Government and contractors if sensitive or valuable information is lost. In this case, the potential benefits greatly outweigh the cost.
You can read the full proposal here. Public comments are due by October 23rd.