Configuration and Management
This is the fourth of a fourteen piece blog series intended to describe how Ascolta Greenfield environments achieve National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Revision 1, Protecting Controlled Unclassified Information in Non-federal Systems,compliance. This entry covers the controls contained in the Configuration and Management Policy and Procedures family. 📷
What is it?
Configuration management is a collection of activities focused on establishing and maintaining the integrity of IT products and systems through the control of processes for initializing, changing, and monitoring the configurations of those products and systems throughout the System Development Life Cycle (SDLC).Configuration management consists of determining and documenting the appropriate specific settings for a system, conducting security impact analyses, and managing changes through a change control process. It allows the entire system to be reviewed to help ensure that changes made on one system do not have adverse effects on another system.
How does Greenfield solve it?
Greenfield provides Configuration Management by properly implementing configuration control procedures and tools, to include maintaining baseline configurations for all Greenfield systems deployed in AWS. The Greenfield Support Team works with Greenfield clients to advise them on configuration control of select networking resources such as EC2 security groups and firewalls and VPC network configuration. The client is responsible for implementing configuration management on their own third-party applications.The Greenfield Support Team utilizes established configuration and change control processes for all Greenfield information systems built on the AWS infrastructure. We provide hardened, well-documented images designed for compliance and security. These images are updated regularly to ensure that the latest security updates and compliance requirements are always implemented. We analyze, test and validate all changes made to the Greenfield system to determine potential security impacts, and document changes before implementing any changes on operational systems. 📷