NIST, Computer Security Division, Computer Security Resource Center
Resources
CIO Pilot Best Security Practices (BSPs)
The Chief Information Officer Council (CIO), Security Practices Subcommittee initiated the development of a mechanism to provide an easily accesible and useful source of iinformation to Federal employees on effective tools and practices. A successful pilot was undertaken through the efforts of this Subcommittee. As a result, 20 BSPs were submitted and can be found below in their original submission format.
| Title | Organization | Date |
| USAID Modem Scan Process | USAID | 01/23/01 |
| USAID Security Plan | USAID | 01/23/01 |
| Configuration of Technical Safeguards at USAID | USAID | 01/23/01 |
| How To Secure a Domain Name Server (DNS) | GSA | 05/11/01 |
| How to Accredit Information Systems for Operation | DOD/NSWC | 05/11/01 |
| Incident Handling at BMDO | DOD/BMDO | 05/22/00 |
| How to Deploy Firewalls | Carnegie Mellon University | 02/16/00 |
| VA Limited Personal | VA | 10/03/00 |
| OPM's Personal Use Policy | OPM | 12/04/00 |
| Integrating Security into Systems Development Life | SSA | 12/20/00 |
| C&A of Core Financial System | USAID | 02/05/01 |
| Developing an Agency Incident Response Process | SSA | 02/20/01 |
| Certification and Accreditation - the DLA Approach | DOD/DLA | 03/12/01 |
| Remove all Data From Workstations & Servers | USAID | 04/25/01 |
| NIH Disk Sanitization Procedures | NIH | 06/01/01 |
| USAID Mission Site Vulnerability Assesment | USAID | 06/13/01 |
| Securing POP Mail on Windows Clients | NASA | 06/13/01 |
Back to Top
DISA Security Technology Implementation Guides (STIGs)
Direct access to Defense Information Systems Agency (DISA) Security Technology Implementation Guides (STIGs) and Checklists are available on the DISA home page:
http://iase.disa.mil/stigs/index.htmlOn the DISA web page, you may sign up for the "STIG-News Mailing List:" to be notified when the latest STIGs are available.
Back to TopFASP Points of Contact
All Practices, Checklists, and Implementation Guides are collected, maintained, and disseminated by the Computer Security Division, National Institute of Standards and Technology. Any of the people listed below will welcome your questions and provide an appropriate response.
Kevin Stinekevin.stine@nist.gov
Computer Security Division
National Institute of Standards and Technology
100 Bureau Drive, MS 8930
Gaithersburg, MD 20899-0001
301-975-4483 [voice]
301-975-4007 [fax]