Contact: Piper Conrad
On Behalf of Secure Elements
Phone: (703) 287-7820
e-mail: pconrad@speakerboxpr.com

Managing and Testing Common Security Configurations for Microsoft XP and Vista Ranks as Top Challenge for Federal Agencies Complying with OMB Mandate
Survey of Federal CISOs and Managers highlights agency challenges, progress and priorities

HERNDON, VA - Jun 27, 2007 - Managing and testing standard security configurations against potential vulnerabilities ranks as the primary challenge for Federal agencies seeking to comply with the OMB mandate for a standard desktop configuration for Microsoft Windows operating systems, according to a Secure Elements survey of Federal Chief Information Security Officers (CISOs) and Managers.

The survey of Federal CISOs and Managers was conducted at the Secure Elements June 20^th panel discussion entitle "Are Federal Agencies Ready to Meet the OMB Mandate for Secure Desktop Configuration".

With the clock ticking towards the February 1, 2008 implementation deadline, the survey shed light on agency challenges, priorities and progress. Of the seven OMB action items, the requirements dealing with managing standard configurations at respective agencies (restricting administration to authorized professionals, testing configurations in a non-production environment, patching vulnerabilities) ranked as most challenging for decision-makers surveyed. 

"The survey results demonstrate that Federal agencies are taking the necessary steps to meet the OMB deadline and view it as an unprecedented opportunity to eliminate inherent cross-agency security inconsistencies and vulnerabilities," said Ned Miller, President and Chief Executive Officer, Secure Elements. 

OMB Mandate Top of Mind
Relative to other agency compliance initiatives, three-fourths of Federal CISOs and Managers surveyed consider the OMB mandate for standard security configuration for Microsoft Windows their top priority or a very high priority; and 50% of those surveyed believe they have the budget and staffing resources to meet the mandate (25% said they don't and 25% were not sure).

Migration to Vista on the Horizon
While Microsoft Vista is top of mind, none of the surveyed CISOs and Managers will initiate the migration to Vista in the next six months. Half of those surveyed plan to initiate migration in the next 6-12 months while the other half were unsure of timing. 

Agencies Turn to Compliance Tools
Three-fourths of CISOs and Managers plan to use NIST Security Content Automation Protocol (SCAP) compliant tools to meet the mandate (one-fourth said they were not sure); and 88% believe using NIST SCAP-based XML guidance for secure configurations will improve the security posture of their agency (12% were not sure). 

That said, half of surveyed Federal CISOs and Managers said their existing tools and technologies do not provide sufficient capability to achieve the OMB requirements (25% said they have sufficient tools and technologies and 25% said they were not sure).

About Secure Elements
Secure Elements develops innovative products that help organizations achieve IT security compliance.  We enable organizations to audit, evaluate, and comply with internal, industry, and regulatory policies.  Our solutions reduce business risk and IT management costs while improving systems performance and maintaining business continuity.  Based in Northern Virginia, Secure Elements serves organizations in the federal government and critical infrastructure markets, as well as the Global 1000.  http://www.secure-elements.com