Security Checklist: NIST Offers Updated Guidance

By
Dan Lohrmann
 on September 28, 2008 1:30 PM | | Comments (1)
Bookmark and Share

The National Institute of Standards and Technology (NIST) has issued newly updated security checklists for government regarding best practices in configuring IT products. Sponsored by the Department of Homeland Security (DHS), the NIST Special Publication 800-70 is entitled: "National Checklist Program for IT Products - Guidelines for Checklist Users and Developers (Draft)."

After the executive summary, introduction, and overview of the checklist program, the guide covers such topics as checklist usage, checklist development, and even examples as Appendix B offers a checklist description template and Appendix C offers operational procedures.

Government Computer News (GCN) announced the new guide  and described some of the goals of the National Checklist Program (NCP):

  • Facilitate development and sharing of checklists by providing a formal framework for checklist developers to submit checklists to NIST.
  • Provide guidance to developers to help them create standardized, high-quality checklists that conform to common operational environments.
  • Providing guidelines for developers for making checklists better documented and more usable.
  • Encourage IT product vendors and other parties to develop checklists and to configure their products based on those checklists.
  • Provide a managed process for the review, update, and maintenance of checklists.
  • Provide an easy-to-use repository of checklists.
  • Provide checklist content in a standardized format.
  • Encourage the use of automation technologies for checklist application.

    •  

    I highly recommend taking a look at this new NIST publication. These checklists can be very helpful to follow.

    So tell me, does your state use NIST or other checklists to securely configure IT products?

    Tags:

    1 Comments

    By shinysot on September 30, 2008 5:09 AM

    This new Virginia ideas portal is a great step that is getting a lot of press. It certainly gets citizens interested in improving government and discussing the pros and cons of new suggestions or old ideas in new ways.
    =========================================================

    Tampa Lawyers

    Leave a comment

    GovTech Blogroll

    Recent Entries

    About

    Categories

    Tag Cloud

    Monthly Archives

    Affiliates