The White House has told US state agencies to only use government-controlled website domains as it tries to bolster public trust in the services the government provides over the web.
As it turns out, not all federal agencies use an official domain such as .gov or .mil for updates. So now, the White House has ordered them to start using the domains by May 8 in a memo signed by Office of Management and Budget (OMB) Director Shalanda Young.
“The internet has become a primary means by which the public receives information and services from the federal government,” Young’s memo states. “Therefore, it is critical that the federal government’s use of internet infrastructure employs high standards of quality to maintain public trust.”
The document also stated that American people know they’re accessing official communications when they see the .gov domain, and hold the information on such sites as “authoritative and trustworthy.”
“A good government domain name should be memorable for the American people, not longer than necessary, and describes the relevant government organization or service in an unambiguous way,” the memo stresses.
Registering a DotGov domain is free to agencies and other qualified registrants. It’s quite easy, and the memo says agencies may have to answer to OMB if they continue to use other domain names. To comply with the requirement, agencies have 180 days.
The White House also urged agencies to start reporting non-DotGov host names used by their internet-accessible information systems to the Cybersecurity and Infrastructure Security Agency (CISA) and the General Services Administration.
Matt Hayden, a former CISA official who now works at General Dynamics Information Technology, pointed out last year that cybercriminals and hacking groups are frequently turning to Domain Name System redirection and other DNS vulnerabilities to direct users to malicious websites.
“When you’re on DotGov, when you’re on DotMil, you’re in a safe place,” Hayden said in a Federal Drive podcast.
“The government is trying to make sure that the people who use services and communicate with our government agencies are in that same safe place. And so that’s why it does matter that DotGov is leveraged by all our organizations.”
The White House provides an exception for non-governmental entities operating third-party services on non-government domain names that are critical for critical public communications. The exception allows agencies to continue using social media services to communicate with the public.
CISA has recently compiled a list of free cybersecurity tools and services to help sometimes thrifty organizations reduce the likelihood of cyberattacks.
Your email address will not be published. Required fields are markedmarked