Architecting, installing and maintaining your SAS environment

Fill out Security Technical Implementation Guide (STIG) Information

Reply
Occasional Contributor
Posts: 9

Fill out Security Technical Implementation Guide (STIG) Information

Hello,

 

Has anyone filled out a STIG for their client?  We have deployed SAS 9.4 M3 Grid for  our client and they want us to fill out a STIG.  Has anyone has experience filling out a STIG?  Thanks,

DJ

Super User
Posts: 3,100

Re: Fill out Security Technical Implementation Guide (STIG) Information

[ Edited ]

In my experience the security requirements are included in the overall implementation design document. I don't believe there is such a thing as a 'standard' STIG, as each customer tends to have different requirements. Also bear in mind each customer has different security standards, something which should have been captured during the SAS design phase.

 

As a starting point I would simply take the security requirements from the overall design doc and put them in a separate one, then ask the customer to review it and provide feedback.

Ask a Question
Discussion stats
  • 1 reply
  • 168 views
  • 0 likes
  • 2 in conversation