The Defense Information Systems Agency (DISA) is a combat support agency within the Department of Defense (DoD). As part of its mission of providing information technology and communications support to the government and associated defense agencies, it has created and maintains a security standard for computer systems and networks that connect to the DoD. These guidelines are sets of configurations and checklists, known as Security Technical Implementation Guides (STIGs), which ensure the security of computer networks and systems.
Security Technical Implementation Guides also cover matters such as how the people running systems should be trained and how often security checks and updates need to be done. Essentially, they are a set of documents that tell organizations how to handle their computer systems and networks. Failure to stay compliant with guidelines issued by DISA can result in an organization being denied access to DoD networks.
Compliance can be fairly difficult because organizations must ensure that they are following DISA prescriptions at all times. This can be a bit like attempting to hit a moving target because STIGs are added and updated as new technology is developed. Additionally, software and hardware upgrades and replacements can cause required settings to be changed or overwritten. As a result, staying compliant means that systems need to be monitored and adjustments must be made on a continuous basis.
Ducara helps you to understand which systems need to be configured to meet DISA regulation requirements along with which configurations or processes are mandatory.
Once it has been established which systems need to be made compliant, the STIGs need to be downloaded. From there, individuals can be assigned the task of making configuration changes and, once this is done, following up regularly to ensure the settings are still correct.
Ducara’s DISA Compliance Auditing service includes the ability to validate DISA STIG compliance checks against switches, firewalls, applications (Oracle/SQL), RHEL, Solaris, and, of course, Windows systems.