 |
About Ex-Im | | |
News & Events | | |
Products & Policies | | |
Apply |
|
||
|
FEDBIZOPS (FBO) Federal Acquisition Regulations (FAR) Federal Acquisition Virtual Library |
|
 |
|
 |
Common Security Configurations for Personal Computer Hardware and Software
OMB issued policy memorandum M-07-11, “Implementation of Commonly Accepted Security Configurations for Windows Operating Systems,” requiring agencies to adopt standard security configurations for Windows XP and VISTA.Common security configurations provide a baseline level of security, reduce risk from security threats and vulnerabilities, and save time and resources. This allows agencies to improve system performance, decrease operating costs, and ensure public confidence in the confidentiality, integrity, and availability of government information.
A link to this Export-Import Bank web site is provided in all of our solicitations and awards for IT hardware, software and related services, to put vendors on notice of the compliance requirements of OMB policy memorandum M-07-11. We have no additional or agency unique requirements beyond those stated in this policy memorandum.
“Implementation of Commonly Accepted Security Configurations for Windows Operating Systems,” 
To ensure new acquisitions include these common security configurations, the Export-Import Bank of the United States information technology providers will verify their products operate effectively using these configurations.
a) The provider of information technology shall certify applications are fully functional and operate correctly as intended on systems using the Federal Desktop Core configuration (FDCC). This includes Internet Explorer 7 configured to operate on Windows XP and Vista (in Protected Mode on Vista). For the Windows XP settings, see: http://csrc.nist.gov/itsec/guidance_WinXP.html and for the Windows Vista settings, see: http://csrc.nist.gov/itsec/guidance_vista.html.
b) The standard installation, operation, maintenance, update, and/or patching of software shall not alter the configuration settings from the approved FDCC configuration. The information technology should also use the Windows Installer Service for installation to the default “program files” directory and should be able to silently install and uninstall.
c) Applications designed for normal end users shall run in the standard user context without elevated system administration privileges."
Points of Contact:
Mark Pitra - mark.pitra@exim.govPage updated: February 4, 2008
 |
Feedback | | |
Privacy | | |
Site Map | | |
Accessibility |
