UCF STIG Viewer Logo

DCBP-1 Best Security Practices


Overview

The DoD information system security design incorporates best security practices such as single sign-on, PKE, smart card, and biometrics.

MAC / CONF Impact Subject Area
MACI
MACII
MACIII
Medium Security Design and Configuration

Details

Threat
Organizations not leveraging best practices for security are not utilizing lessons learned from previous security efforts.  These organizations run the risk of repeating historical errors and wasting money on duplication of efforts while needlessly introducing preventable vulnerabilities into the IS.      Utilizing best security practices ensures information systems within the DoD are aligned with tested and validated practices.

Guidance
1. The DoD information system security design shall incorporate best security practices such as single sign-on, PKE, smart card, and biometrics.
2. Best Security Practices are compiled by government, industry, academia, (or collaborations between all three) to document those security practices that have a proven record of success when applied to appropriate technologies or situations. These Practices should be used in as many cases as practical.

References

  • DISA Network Infrastructure STIG, Version 5, Release 2, 29 September 2003
  • DISA Network Infrastructure Security Checklist, Version 5, Release 2.2, 23 September 2004
  • DoD IA Strategic Plan, Version 1, Release 1, January 2004
  • Carnegie Mellon Software Engineering Institute, Capability Maturity Model® Integration (CMMISM),Version 1, Release 1, CMMISM for Systems Engineering, Software Engineering, and Integrated Product and Process Development (CMMI-SE/SW/IPPD, Version 1, Release 1) Continuous Representation CMU/SEI-2002-TR-003ESC-TR-2002-003, December 2001
  • DoDD 8000.1, Management of DoD Information Resources and Information Technology, 27 February 2002
  • CJCSI - Information Assurance (IA) and Computer Network Defense (CND)