Securing Desktop Workstations
• Security Improvement Module
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-99-SIM-004Abstract
Securing desktop workstations should be a significant part of your network and information-security strategy because of the sensitive information often stored on workstations and their connection to the rest of the networked world.
Many security problems can be avoided if the workstations and network are appropriately configured. Default hardware and software configurations, however, are set by vendors who tend to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new workstations to reflect your security requirements and reconfigure them as your requirements change.
The practices recommended here are designed to help you configure and deploy networked workstations that satisfy your organization’s security requirements. The practices may also be useful in examining the configuration of previously deployed workstations.