Viewing a single comment thread. View all comments

dremspider t1_j0bojke wrote

Having some experience with MDM and the government... I am pretty sure most agencies are already doing this. If they are following NIST guidance they are doing this. My guess is this is a performative senate vote of "look we are doing something". DOD already has policies around this. DHS then has control over the policies over a ton of other agencies of what must be followed as far as computer security. NIST provides "guidance" which is usually high level and is where the the specific rules come from.

https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-124r1.pdf

3

owchippy t1_j0bt1oq wrote

Thank you for a sane & informed take on the subject. Was looking for someone who actually knew who/how MDM policy was currently being enforced. My guess was, not uniformly.

1