A Security Technical Implementation Guide (STIG) is a methodology for standardized secure installation and maintenance of computer software and hardware. The term was coined by DISA, which creates configuration documents in support of the United States Department of Defense (DoD). The implementation guidelines include recommended administrative processes and span the devices' lifecycle.
An example where STIGs would be of benefit is in the configuration of a desktop computer. Most operating systems are not inherently secure. This leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and prevent system access when the attacker is interfacing with the system, either physically at the machine or over a network. STIGs also describe maintenance processes (such as software updates and vulnerability patching).
Advanced STIGs might cover the design of a corporate network, including configurations of routers, firewalls, domain name servers and switches.