Blog archive
Laptop running Windows 8 with chains on the screen indicating security

DISA lays groundwork for implementing Windows 8

Recently the Defense Information Systems Agency released its Security Technical Implementation Guidelines (STIG) for use of Microsoft’s Windows 8 operating system. The unclassified version is available on the DISA website.

First, the guide specifies that this STIG covers only the versions of Windows 8 that supports the x86/64-based processor architecture. This precludes Windows 8 RT, but DISA said RT is being evaluated under a different STIG. Since RT runs on ARM processors, it only makes sense that DISA would cover it with other mobile operating systems.

For Windows 8, the guide goes into the specific steps that Defense Department IT personnel are supposed to take to review a Windows 8 system, such as changing the security and network settings to comply with DOD standards. To make these changes would require using the Computer Management Console and the Registry Editor, so you know this STIG isn’t fooling around.

In a FAQ included with the guidelines, DISA noted that it is moving toward adopting the Security Content Automation Protocol (SCAP), a National Institutes of Standards and Technology specification for standardized use of security data. DISA also is formatting the STIG in Extensible Configuration Checklist Description Format (XCCDF), an XML-based language for writing security checklists, benchmarks and related documents.

The DISA STIGs often become the standard by which other agencies and even private companies secure their computers. So admins setting up Windows 8 tablets or desktops should take a look.

Posted by Greg Crowe on Mar 01, 2013 at 9:39 AM


  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

  • Defense
    Dana Deasy, DOD Chief Information Officer, hosts a roundtable discussion on the enterprise cloud initiative with reporters, Aug. 9, 2019, at the Pentagon, Washington, D.C. (DoD photo by Air Force Staff Sgt. Andrew Carroll)

    DOD CIO 'very confident' that White House influence didn't guide JEDI award

    At his Senate confirmation hearing, Defense Department CIO Dana Deasy said the department's $10 billion cloud contract was awarded by a team of experts.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.