New regulations for government contractors updating subcontractor database

Though questions remain regarding various nuances of the rule, the FAQ is a helpful document for those contractors still working on implementation of DFARS 252.204.7012.Divided into three sections — (1) General Application, (2) Security Requirements, and (3) Cloud Computing — the FAC provides answers to 59 commonly asked questions and provides greater clarity on a number of important points, which are discussed in greater detail below.

Call 1-800-985-7658 for fast System for Award Management (SAM) Registration (formerly CCR Registration & ORCA certification) and get started with government contracting.

On January 27, 2017, the Department of Defense (Do D) issued an updated Frequently Asked Questions (FAQ) regarding the application and requirements of DFARS 252.204.7012 Safeguarding Covered Defense Information and Cyber Incident Reporting.

They are the engine of our economy, and provide creativity, innovation and technical expertise to support our agencies.

Agencies must provide maximum practicable opportunities for small businesses to compete for agency contracts and to participate as subcontractors in contracts awarded by agencies.” In singling out small businesses as particular beneficiaries of the Recovery Act, the government was echoing a commitment that informs federal policy even in times of economic prosperity.

Federal Contractor Registry will complete all registration requirements in less than two weeks, after which you’ll be fully qualified to bid for and accept federal work.

Moreover, because all governmental buyers and private-sector procurement officers frequently refer to federal registrations to find qualified businesses, you will also have exposure to contracting opportunities with state, county and local government, as well as private-sector concerns.

The FAQ further notes that the physical location of an individual does not fall under one of these three categories.

Accordingly, presence within a secure facility cannot be used as a substitute for one of the factors under multifactor authentication.

: The primary difference between the security requirements imposed by earlier versions of DFARS 252.204.7012 and the current version is the addition of multifactor authentication as a minimum security standard.

The FAQ clarifies that this requirement necessitates authentication using a combination of (1) something you know (e.g., password); (2) something you have (e.g., a One-Time Password generating device like a fob, smart-card, or a mobile app on a smart-phone); and (3) something you are (e.g., a biometric like a fingerprint or iris).

Thus, different information is subject to different protections depending upon whether it is housed on contractor or DOD systems.

Tags: , ,