Government contractors should take note of a newly proposed FAR rule that requires basic safeguards for government contractor information systems. Under the proposed rule, government contractor information systems that contain or process information provided by or generated for the government (other than public information) will need to have the following safeguards that:

- Restrict Information: Restrict information on public computers or Web sites without access control;

- Protect Transmissions: Protect electronic information transmissions, including e-mail, text messages, blogs, and similar communications;

- Protect Voice and Fax Transmissions: Limit voice and fax transmissions to authorized recipients;

- Apply Physical and Electronic Security: Provide physical and electronic barriers to information provided by or generated for the government;

- Sanitize Media: Clear information from media used to process information;

- Protect Against Intrusion: Apply protection against computer intrusions and data compromise by regularly updating anti-virus software and anti-spyware and promptly applying patches, service packs, and hot fixes; and

- Limit Information Transfers: Limit transfers of information only to subcontractors that require the information for contract performance, and have the same level of security as prescribed by the government.

Please see full Update below for more information.