Officials at the National Institute of Standards and Technology announced that a security configuration checklists program for information technology products, including a logo that vendors can put on their wares, is on track for completion before the end of 2004.
A security configuration checklist describes the software options and settings that users can choose to minimize the security risks associated with a particular type of hardware or software. More commonly referred to as lockdown guides or security benchmarks, security checklists are basically documents for securing IT hardware or software in different settings. Security checklists for home computer users, for example, would be different from those for federal computer users handling sensitive data.
A checklist could include scripts, templates and pointers to Web sites where users can download software updates or firmware upgrades to make products more secure from attack by viruses and other malicious code spread via the Web.
The link for this article located at fcw.com is no longer available.
