Defense Information Systems Agency is DISA. They review and approve the Stigs. The Security Technical Implementation Guides (STIGs) and the NSA Guides are the configuration standards for DOD IA and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the Security Technical Implementation Guides (STIGs). The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack. This at least helps answer your question.
I recommend that you contact the BMC Federal Account Manager for the USCG to determine when BMC will set the Smart/My IT added that should include the DB. -----Original Message----- From: Rackley, James A CIV <[email protected]> To: arslist <[email protected]> Sent: Fri, Jan 27, 2017 1:52 pm Subject: DISA STIG for Mongo DB (Fed Gov Environment) ** Listers, Greetings, all! As a warning, if you don't know what the acronyms DISA and STIG are, this discussion will likely give you a headache. If you do know what they mean, you've likely had a headache for a very long time. :D We're looking at an 8.1 to 9.1 upgrade of our environment and would like to use Smart/My IT. However, these apps require the installation of the Mongo DB product which has no DISA approved STIG. Because we have no control over DISA's timeline, we've now decided not to deploy Smart/My IT until we can get an approved STIG. We are proceeding with what I've termed "Vanilla 9.1". Is anyone else out there in the Fed Gov space working on a Mongo DB STIG with DISA? If so, I'd love to chat with you. Perhaps we can combine efforts/resources and get this thing moving. Just as importantly, I don't want to waste resources if someone else is well into the process. Thanks in advance! Regards, Jim Rackley CGFIXIT (Remedy) Service Manager, ITILv3© USCG, C4ITSC, Business Operations Division Phone: (757) 628-4039 Cell: (757) 609-0909 "You can't help everyone. But everyone can help someone." _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
