EnterpriseSecurity
SecurityProNews
ITmanagement







Follow The Leader: NSA Security Guidance

By Taylor Gillespie
Expert Author
Article Date: 2010-08-16

Most all new workstations and consumer hardware is designed and configured for regular public use. The default configuration is meant for fairly non-technical people. People who forget their administration passwords, people who desire a plug and play experience, and people who want things to work out of the box and problems to be fixed automatically. Unfortunately, this usually requires lackadaisical security policies.

The more security in place, the more roadblocks to a smooth user experience. When things are more secure they are harder to change. This is great from an enterprise security standpoint, but from a consumer perspective, the device is working against them. For that reason, consumer-grade, technological hardware often seeks a balance of security and usability, usually in favor of usability.


Because the default configuration is never secure enough for enterprise, or even usually personal use, the National Security Agency in an effort to "promote enhanced security" compiles a directory of Security Configuration guides. These configuration guides cover workstations using a variety of operating systems, from OS X, to Linux, Windows, and Solaris. They have configuration guides for routers, switches, and servers. Even IPv6 and browser security. They "strive to provide ... the software development community the best possible security options for the most widely used products." So, if you're looking to add a Firmware password to restrict Single User mode on OS X, or adding a BIOS password to disable startup options on PCs, the NSA Central Security Service has the possible holes covered in the Security Configuration Guides.


These guides not only describe the possible security vulnerabilities, they also frequently list the actual steps to take to secure the specific system. This is invaluable, because it lists the answer next to the problem in one place, instead of having to separately research the solution. Some of the vulnerabilities are typically well-known, so while many of you follow a number of the recommendations, these guides allow a sort of checklist of security configurations to verify that your enterprise is as close to properly hardened as possible.
About the Author:
Taylor is a Staff Writer for WebProNews

Newsletter Archive | Submit Article | Advertising Information | About Us | Contact

EnterpriseSecurityNews is an iEntry, Inc.® publication © All Rights Reserved Privacy Policy and Legal