A group of top government and private sector security experts on Wednesday will unveil a list of standard settings for Windows 2000 that they hope will help administrators avoid confusion and lock down their networks.
Many government agencies, most notably the U.S. Department of Defense, will immediately mandate use of the settings and officials hope that enterprises will follow suit.
The group will also release a small vulnerability scanner that will verify that a given network is using the approved settings.
Developed through a joint effort of President Bushs Critical Infrastructure Protection Board, the Center for Internet Security, the National Security Agency, the General Services Administration, the National Institute of Standards and Technology and the SANS Institute, the settings represent the governments first tentative steps toward regulating computer security.
Many people in the security industry for years have feared that the government would tire of the private sectors failure to adequately secure its networks and step in with some form of regulation or legislation. And, while private businesses will not be required to follow the new standards, the move will likely do little to ease fears of government intervention, insiders say.
But, even if enterprise administrators follow suit and adopt the standard settings, that still leaves unaffected the millions of home-based PCs, most of which dont run Windows 2000.
The groups plan to announce the settings Wednesday afternoon in Washington.
- Homeland Security Plan Draws Criticism
- National Security is an IT Concern
- IT Pros Predict Major Cyber-Attack
- More Security Coverage