spk-logo-white-text-short
0%
1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

How to Conduct System Hardening Using the Defense Information Systems Agency’s (DISA) “Gold Disk”

Written by SPK Blog Post
Published on December 6, 2011

Holes in your IT infrastructure can make for some awkward situations. Whether you’re dealing with sensitive customer information, upcoming product designs, or simply just don’t want people messing with your stuff, maintaining system integrity can be difficult. Symantec is great, but what do you do when the integrity of your system directly relates to national security? Where do you turn when the boss says you gotta keep those centrifuges spinning or heads will roll?

The DoD has developed a process, called DIACAP, for certifying that an Information System (IS) is compliant with DoD security standards. DIACAP stands for DoD Information Assurance Certification and Accreditation Process and you can find additional information about it here and here.

The DISA (an agency within the DoD) has developed a tool, called “Gold Disk”, to help identify and mitigate security holes according to DIACAP standards. It scans your machine and produces a detailed outline of all the Category 1, 2, and 3 vulnerabilities it finds, depending on the applicable Mission Assurance Level. It even goes as far as to suggest the appropriate means of resolving the issue, point out relevant Microsoft Security Bulletins, and offer to fix things for you.

Keep reading for my step-by-step walk-through on how to use DISA’s “Gold Disk”, a handy tool!

David Hubbell
SPK Software Engineer

Latest White Papers

The Hybrid-Remote Playbook

The Hybrid-Remote Playbook

Post-pandemic, many companies have shifted to a hybrid or fully remote work environment. Despite many companies having fully remote workers, many still rely on synchronous communication. Loom offers a way for employees to work on their own time, without as many...

Related Resources

OKR and Agile: Harmonizing Strategic Goals with Agile Methodologies

OKR and Agile: Harmonizing Strategic Goals with Agile Methodologies

Objectives and Key Results (OKRs) and Agile methodologies like Scrum, Kanban, and SAFe are powerful frameworks designed to boost productivity and keep teams aligned. OKRs drive strategic goal-setting and measurable outcomes, while Agile approaches like Scrum focus on...

Maximizing Efficiency with a RACI Matrix

Maximizing Efficiency with a RACI Matrix

For years, I’ve enjoyed working with clients on difficult projects. In my early career, I did a lot of work for a cloud and infrastructure company where I mainly worked with internal teams.  However, when I did get the chance to work with external clients, I found...