In this CyberSecurity TV episode, Brian Hajost, SteelCloud CEO, focuses on policy compliance challenges for both unclassified and Classified Environments and how the security stack differs. Learn why secure and air-gapped clients need to do more with less as IA resources are limited. For this reason, automation is key for classified environments to enable IA resources to get and stay in compliance efficiently.
Almost half of all ConfigOS systems in the military are installed in classified environments. Similar to our tactical implementations, ConfigOS needs minimal computer resources and does not require the internet. Being lightweight, ConfigOS, is highly productive in even the smallest enclaves. Furthermore, ConfigOS was designed and developed to be implemented and operated by the government and its mission partners without the requirement for on-site involvement from SteelCloud.
The Department of Defense (DoD) introduced the Risk Management Framework (RMF) in 2014 to assist federal agencies to better manage risks associated with operating an information system. Federal agencies must now follow assessment standards established by the National Institute of Standards and Technology (NIST). RMF requires that systems be hardened to standard STIG or Center for Information Security (CIS) benchmarks. The issue is that applications are typically developed and tested in a non-STIG environment. When they are placed in a STIG hardened environment they fail. These failures are unique to each application stack and sorting them out can take weeks and or months for each application. ConfigOS can help you get it all done faster.