TagVault.org, a non-profit program of IEEE-ISTO, announced today that it will provide free general memberships to government organizations. These memberships will provide governmental organizations with access to tools, information and training that make software easier to identify, therefore simplifying the process of managing software entitlement compliance and strengthening operational security with respect to software.
TagVault.org is the certification authority for software identification tags based on the ISO/IEC 19770-2:2009 standard and validates that software publishers are known entities and that the publishers follow a specified set of requirements for providing software identification information. TagVault.org digitally signs specific elements of the software identification tags in a manner that allows third party organizations to independently and authoritatively validate that elements of the certified tag have not been modified. This gives government agencies, and other software users, confidence that the software installed on their computers has not been tampered with and is the correct software for each user’s respective role. This increased security for software installations through accurate and authoritative identification allows government agencies to automate compliance with the consensus audit guidelines (CAG) and the NIST 800-53 controls as they relate to software.
TagVault.org’
“Certified software identification tags have the ability to dramatically increase the visibility of IT assets government-wide, while increasing security and operational efficiencies, and reducing the costs of government ITAM operations”, said Alan Vander Mallie, Federal ITAM Program Manager of GSA. “The GSA program is looking forward to seeing software tags in use by all software vendors as soon as possible and is looking for federal agencies to share their tagging requirements. In the context of open and transparent Government, an organization such as TagVault.org allows federal agencies to participate directly with industry towards the common goal of increasing the compliancy and security of its assets. Software tagging efforts and the open exchange of tagging requirements support the basic tenets of the GSA IT asset management program (www.gsa.gov/
“Government members of TagVault.org will learn what they can do to ensure the software they purchase can be easily managed, as well as using the information to securely identify known software in their network,” said Steve Klos, executive director of TagVault.org. “TagVault.org is excited to provide this new membership program to government agencies and look forward to the seeing the benefits of certified tags providing benefits to both government and commercial organizations.”
TagVault.org is attending the Government Technology Research Alliance in Pennsylvania in December. The organization has also made the new government membership programs available on its membership forms and will be holding a webinar specifically for Government organizations on December 17th, 2009 at 10 AM Pacific to discuss the benefits of specifying the requirement for certified software identification tags in RFPs and software contracts.
For more information, please go to www.tagvault.org.
