Blog archive
Laptop running Windows 8 with chains on the screen indicating security

DISA lays groundwork for implementing Windows 8

Recently the Defense Information Systems Agency released its Security Technical Implementation Guidelines (STIG) for use of Microsoft’s Windows 8 operating system. The unclassified version is available on the DISA website.

First, the guide specifies that this STIG covers only the versions of Windows 8 that supports the x86/64-based processor architecture. This precludes Windows 8 RT, but DISA said RT is being evaluated under a different STIG. Since RT runs on ARM processors, it only makes sense that DISA would cover it with other mobile operating systems.

For Windows 8, the guide goes into the specific steps that Defense Department IT personnel are supposed to take to review a Windows 8 system, such as changing the security and network settings to comply with DOD standards. To make these changes would require using the Computer Management Console and the Registry Editor, so you know this STIG isn’t fooling around.

In a FAQ included with the guidelines, DISA noted that it is moving toward adopting the Security Content Automation Protocol (SCAP), a National Institutes of Standards and Technology specification for standardized use of security data. DISA also is formatting the STIG in Extensible Configuration Checklist Description Format (XCCDF), an XML-based language for writing security checklists, benchmarks and related documents.

The DISA STIGs often become the standard by which other agencies and even private companies secure their computers. So admins setting up Windows 8 tablets or desktops should take a look.

Posted by Greg Crowe on Mar 01, 2013 at 9:39 AM


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.