UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

FAA - FO 1370.113

Web Security Management Policy

active, Most Current
Organization: FAA
Publication Date: 16 April 2012
Status: active
Page Count: 12
scope:

This policy is designed to assist FAA employees and contract personnel with the secure development, management, maintenance, and use of the FAA websites/services (Internet, Intranet, Extranet) to enhance security on web systems. Any third party websites and social media websites are not within the scope of this policy. This policy addresses:

a. Implementing and maintaining security controls for web servers, such as those that provide Internet and email services;

b. Protecting FAA web information and data from unauthorized access, use, disclosure, disruption, modification, or destruction;

c. Protecting the FAA network from external threats delivered over the web, such as viruses, malicious attacks, data leaks, etc;

d. The System Authorization process for web systems as part of the FAA-wide Information Systems Security (ISS) Program;

e. Ensuring that authentication processes are in place that provide the appropriate level of assurance for web-based access and FAA online services;

f. Ensuring that security controls are implemented in all phases of the System Development Lifecycle (SDLC) for systems within the FAA web environment; and

g. Establishing and implementing clear privacy policies for the FAA web environment.

Purpose of This Order. This Order establishes the Federal Aviation Administration's (FAA) enterprise-wide Web Security Management Policy. This order outlines the policies, roles and responsibilities for developing, managing and maintaining web systems. This order will assign the framework, mandatory standards, procedures, and security and privacy requirements for the FAA web environment.

Document History

FO 1370.113
April 16, 2012
Web Security Management Policy
This policy is designed to assist FAA employees and contract personnel with the secure development, management, maintenance, and use of the FAA websites/services (Internet, Intranet, Extranet) to...

References

Advertisement