Inactive

Cyber Requirements Without exception, all IT equipment shall comply with any, and all, applicable security technical implementation guides (STIGs) and security requirement guides (SRGs) as published b... Cyber Requirements Without exception, all IT equipment shall comply with any, and all, applicable security technical implementation guides (STIGs) and security requirement guides (SRGs) as published by the Defense Information Systems Agency (DISA). This includes STIGs and SRGs regarding physical security. In addition, all IT equipment will comply with relevant Department of Defense (DOD) guidance, and mandates regarding hardware lifecycle upgrades. Without exception, all hardware must come from sources approved by the DOD, and abide by all current restrictions. Without exception, all IT equipment shall comply with any, and all, applicable STIGs, and SRGs developed by DISA, as well as relevant Army guidance, and mandates. Any, and all software, firmware, or operating system intended to be used on, with, or in support of any IT equipment is required to have a current, and valid, ATO, approval from the TYAD CCB, a unique name to identify the product, and employ a version numbering system to enable tracking of outdated software. All data delivered to TYAD will be provided with FIPS 140-2 compliant cryptographic hashes to enable TYAD to verify the integrity of the received files. The provided hashes shall not reside solely on the same physical media as the associated data. Without exception, all software, firmware, and data must come from sources approved by the DOD, and abide by all current restrictions.