Computer Security Awareness Training

Microsoft is working with the Federal government to establish security settings for the Federal Desktop Core Configuration (FDCC) for the Windows 7 release this October.

With the alpha version of it’s security guide released earlier this month, Microsoft is working with the DOD to merge this component into the FDCC, providing a single standard for secure configuration.

William Jackson reported in a Redmondmag.com article recently, “Microsoft’s security guide specifies two security configurations for its operating systems: a standard enterprise configuration and the secure limited functionality recommended for organizations with higher security needs. The government’s FDCC for XP and Vista does not correspond exactly to Microsoft’s security guides, but officials hope the settings for Windows 7 will be harmonized into a single industry/government standard.”

While the National Institute of Standards and Technology (NIST) has outlined a process for creating security configuration checklists in it’s National Checklist Program (NCP), Steve Quinn (senior computer scientist at NIST) says the goal of Microsoft’s work with DOD on Windows 7 configuration will be a government-wide standard which applies beyond defense and national security systems. When completed, NIST will check the configuration against the NCP.

Critics point out that until the FDCC configurations are actually tested in a production network, it will be unclear what incompatibilities may come up.

Subscribe to the CyberSecurity Training and Awareness blog to be the first to learn about future Windows 7 Security Configurations, news, and Security Awareness Training solutions.