CERT Coordination Center

Securing Desktop Workstations

Securing desktop workstations should be a significant part of your network and information-security strategy because of the sensitive information often stored on workstations and their connection to the rest of the networked world.

Many security problems can be avoided if the workstations and network are appropriately configured. Default hardware and software configurations, however, are set by vendors who tend to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new workstations to reflect your security requirements and reconfigure them as your requirements change.

The practices recommended here are designed to help you configure and deploy networked workstations that satisfy your organization's security requirements. The practices may also be useful in examining the configuration of previously deployed workstations.


A note on terminology

The word "workstation" is used in this module to mean the combination of the hardware, operating system, application software, and network connection. When it is necessary to be more specific, we explicitly mention one of those four components.

Although this module focuses on securing desktop workstations, many of the practices are also applicable to securing network servers or other computers on your network. To make it easier to include those practices in other modules, we use the word "computer" broadly; it can mean workstations, servers, or other computers.


Who should read these practices

These practices are applicable to your organization if

  • you operate or plan to operate a network that includes desktop workstations

  • users of those workstations have network access to hosts inside your organization and to hosts outside through common Internet protocols

We assume that you have the following security requirements for information resources stored on or accessed by users or processes on those workstations:

  • Some or all of the information is sensitive or proprietary. Access must be limited to authorized and properly authenticated users (inside or outside your organization).

  • The integrity of that information is critical. It must not be compromised; that is, not modified by unauthorized users or processes operating on their behalf.

  • That information must be readily accessible by authorized users whenever they need it to perform their work.


What these practices do and do not cover

These practices address security issues for desktop workstations within your organization. They do not attempt to address security issues for

  • portable workstations and laptop computers

  • workstations at geographically remote sites that may connect to your site through the Internet or public telephone networks

  • desktop machines that operate as network servers

Although many of the practices described here are applicable to these types of computers, we do not include other practices that are unique to them.

These practices are limited to security issues related to configuring the workstation itself. We recognize that security of the workstation also depends on security of the network to which it is connected, and we plan to describe network security practices in subsequent modules.

The focus of these practices is to help you establish an appropriate configuration for a workstation when it is first deployed. They do not cover all security aspects of the day-to-day operations of a workstation, which we address in other modules. For example, activities related to detecting signs of intrusion on a desktop workstation are covered in the module Detecting Signs of Intrusion [Allen 00].

The practices do not include the initial setup of the workstation: unpacking it, confirming the hardware configuration, installing the default operating system, and making the network connection. However, some of the practices are most effective if performed during the process of installing the operating system.

Finally, these practices do not address physical security of workstations in detail.


Security issues

There are three main security issues related to securing a workstation:

  1. Confidentiality - Information stored on the workstation may be disclosed inappropriately. This can happen when
    • unauthorized users gain access to the workstation
    • authorized users gain access to information that they are not supposed to see
    • authorized users inappropriately transmit information via the network
  2. Integrity - Information stored on the workstation may be altered, either accidentally or maliciously.
  3. Availability - Authorized users may be unable to use the workstation, the network, or the information and services stored on each to perform their jobs. This can result when
    • the information has been damaged, deleted, or otherwise rendered inaccessible (such as being encrypted or having its access privileges changed)
    • the computational resources of the workstation have been damaged or overloaded to the point of preventing authorized users' work
    • access to services has been denied


Security improvement approach

To secure a desktop workstation, we recommend a four-part approach. It requires implementing security practices in the following areas:

  1. planning and executing the deployment of workstations
  2. configuring workstations to prevent security incidents
  3. maintaining the integrity of the deployed workstation
  4. improving user awareness of security issues

The practices are designed to improve security in several ways:

  • They promote consistency. When the configuration and deployment of workstations are consistent, it is easier to manage security and to predict or identify use outside the norm.

  • They help to maximize security on each workstation. This provides vital protection in case of failure of perimeter defenses. Host security is also a first line of defense against internal threats, which generally have a higher probability of occurrence than external threats via the network.

  • They help you recognize security incidents sooner, help prepare you to recover from security breaches, and prevent similar breaches from recurring. As a result, you can reduce damages from security incidents.


Summary of recommended practices

Planning deployment

  1. Develop a computer deployment plan that includes security issues

Configuring workstations

  2. Keep operating systems and applications software up to date
  3. Configure computers for user authentication
  4. Configure computer operating systems with appropriate object, device, and file access controls
  5. Identify data that characterize systems and aid in detecting signs of suspicious behavior
  6. Manage logging and other data collection mechanisms
  7. Configure computers for file backups
  8. Protect computers from viruses and similar programmed threats
  9. Configure computers for secure remote administration
  10. Configure computers to provide only selected network services
  11. Configure network service clients to enhance security
  12. Configure multiple computers using a tested model configuration and a secure replication procedure

Maintaining workstation integrity

  13. Allow only appropriate physical access to computers

Improving user awareness

  14. Develop and promulgate an acceptable use policy for workstations


Abbreviations used in these practices

DNS Domain Name Service

ftp file transfer protocol

http hypertext transfer protocol

IP Internet Protocol

LAN Local Area Network

NFS Network File System

NIS Network Information System

NTP Network Time Protocol

smtp simple mail transfer protocol

TCP Transmission Control Protocol

WORM Write Once, Read Many

WWW World Wide Web


References

[Allen 00] Allen, Julia & Stoner, Ed. Detecting Signs of Intrusion. (CMU/SEI-SIM-009). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2000. Available at http://www.cert.org/security-improvement/modules/m09.html

[Ford 99] Ford, Gary, et al. Securing Network Servers. (CMU/SEI-SIM-007). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available at http://www.cert.org/security-improvement/modules/m10.html

[Kossakowski 99] Kossakowski, Klaus-Peter, et al. Responding to Intrusions. (CMU/SEI-SIM-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available at http://www.cert.org/security-improvement/modules/m06.html



Acknowledgements

This report and the effort to produce it were sponsored by the SEI primary sponsor, the U.S. Land Information Warfare Activity (LIWA) ACERT, and the U.S. Army Research Laboratory (ARL).

Last updated April 20, 2001
Copyright 1999, 2000, 2001, 2002 Carnegie Mellon University.

Conditions for use, disclaimers, and sponsorship information can be found in http://www.cert.org/legal_stuff.html.

"CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.

Use of any trademarks in this report is not intended in any way to infringe on the rights of the trademark holder.

NO WARRANTY

Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.