GSA, 18F award first series of agile software contracts
August 28, 2015
New "agile marketplace" blanket purchase agreement marks a key step toward teaming with vendors for faster software development.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The National Institute of Standards and Technology is seeking comments on new draft guidelines for securing basic input/output systems on servers, otherwise known as BIOS systems.
The draft publication, "BIOS Protections Guidelines for Servers" (NIST Special Publication 800-147B), addresses BIOS security in the varied architectures used by servers.
"While laptop and desktop computers have largely converged on a single architecture for system BIOS, server class systems have a more diverse set of architectures, and more mechanisms for updating or modifying the system BIOS," said NIST’s Andrew Regenscheid.
Server manufacturers routinely update BIOS to fix bugs, patch vulnerabilities or support new hardware. However, while authorized updates to BIOS can improve functionality or security, unauthorized or malicious changes could be part of a sophisticated, targeted attack on an organization, allowing an attacker to infiltrate an organization's systems or disrupt their operations.
Comments on the draft must be emailed to firstname.lastname@example.org by September 14.