A Security Technical Implementation Guide, or STIG, is a methodology for standardized secure installation and maintenance of computer software and hardware. The term was coined by DISA, which creates configuration documents in support of the United States Department of Defense (DoD). The implementation guidelines include recommended administrative processes and span the devices' lifecycle.
An example where STIGs would be of benefit is in the configuration of a desktop computer. Most operating systems are not inherently secure. This leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and prevent system access when the attacker is interfacing with the system, either physically at the machine or over a network. STIGs also describe maintenance processes (such as software updates and vulnerability patching).
Advanced STIGs might cover the design of a corporate network, including the configuration of routers, firewalls, domain name servers and switches.