CDT Issues New Guidance on Server Security, Supported Tech

The California Department of Technology has issued new guidance for server hardening standards and supported technology program agreements.

In a technology letter published this week, the department announced new security controls requirements for server hardening as part of the Statewide Information Management Manual (SIMM) 5355-B.

“Server hardening standards are essential to secure the ports, access points, permissions, and functions of a server as they minimize vulnerabilities, reduce attack surfaces, and ensure a robust defense against unauthorized access and cyber threats,” the letter reads.

The letter also included guidance for state agencies and “supported and supporting entities to jointly assume responsibility for staff roles and/or organizational functions for IT security.”

“This agreement ensures that all entities involved in a supported technology program are aligned with clearly identified support roles and functions,” the letter reads.

Questions about the technology letter can be sent via email to CDT’s Office of Information Security.