Security Technical Implementation Guide

A Security Technical Implementation Guide or STIG is a methodology for the standardized secure installation and maintenance of computer software and hardware. The term was coined by the Defense Information Systems Agency (DISA), which publishes configuration documents in support of the United States Department of Defense (DoD). The implementation guidelines include recommended administrative processes and span the lifecycle of the device.

An example where STIGs would be of benefit is the configuration of a desktop computer. Most operating systems ship in a default configuration meant to be usable in a wide range of environments. This leaves them open to being easily controlled by malicious people, such as hackers. A STIG therefore describes what needs to be done to minimize network-based attacks and to prevent system access when a hacker has physical access to the device. Lastly, a STIG may also describe the processes and lifecycles for maintenance (such as software updates and vulnerability patching).

Advanced examples include the creation of STIGs for the design of a corporate network. A corporate network may consist of thousands of network devices and servers that control the flow of information, so for the network to be both efficient and secure, STIGs may be used to define a common configuration for each device type (such as routers, firewalls, domain name servers, and switches). When a structure is this complex, it may also be beneficial to devise a STIG for the common network structures found within the company (such as campus, remote-site, and partner-site requirements). Such common STIGs are often the glue that binds related STIGs created by system administrators into groups, and they also address the security policies set by upper management.

Ultimately, STIGs are used to maintain the confidentiality, integrity, and availability of an information system and are an important part of configuration management for the system.

Resources

* [http://checklists.nist.gov/ncp.cfm?repository NIST Security Configuration Checklists Repository]
* [http://iase.disa.mil/stigs/index.html Security Technical Implementation Guides and Supporting Documents in the Public Area]

Tools

* [http://iase.disa.mil/stigs/compilation/index.html DoD General Purpose STIG, Checklist, and Tool Compilation CD]
* [http://regustand.cytrap.eu/?p=1 Urs+Nahum's Security Checklist for SMEs]

See also

* Information Assurance
* CIA triad


Wikimedia Foundation. 2010.
