Securing Desktop Workstations

February 1, 1999 • Security Improvement Module

By
Derek Simmel, Gary Ford, Julia H. Allen, Christopher J. Alberts, Barbara Fraser, Eric Hayes, John Kochmar, and Suresh Konda

The practices recommended in this 1999 report are designed to help you configure and deploy networked workstations that satisfy your organization's security requirements. The practices may also be useful in examining the configuration of previously deployed workstations.

Publisher

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-99-SIM-004

Abstract

Securing desktop workstations should be a significant part of your network and information-security strategy because of the sensitive information often stored on workstations and their connection to the rest of the networked world.

Many security problems can be avoided if the workstations and network are appropriately configured. Default hardware and software configurations, however, are set by vendors who tend to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new workstations to reflect your security requirements and reconfigure them as your requirements change.

The practices recommended here are designed to help you configure and deploy networked workstations that satisfy your organization’s security requirements. The practices may also be useful in examining the configuration of previously deployed workstations.