The Defense Information Systems Agency (DISA) is the entity responsible for maintaining the security posture of the Department of Defense (DoD) IT infrastructure. One of the methods used by DISA to accomplish this task is by developing and using what they call Security Technical Implementation Guides, or “STIGs.” Although developed for the Department of Defense, many Federal and State entities now look to the STIGS as their guidance for security as well.
The STIG is not just one guide or a one size fits all kind of security approach. There are several types of STIGs needed to secure an IBM Maximo system including the Operating Systems (OS), Web Application STIG for WebSphere, and the applicable database STIG for the DB in use (Oracle, Microsoft SQL, or IBM DB2.
Once you review the STIGs you will find that they do not necessarily provide you straight forward “how to” steps. You must interepret the meaning for some items and apply them appropriately. This is where ITS excels.
ITS has over 20 years of STIG
Don’t struggle with security, turn to ITS to help you. Contact our team today.