Achieving Federal Desktop Core Configuration Compliance (FDCC) with Lumension® Solutions
The Federal Desktop Core Configuration (FDCC) is an Office of Management and Budget (OMB) mandated security configuration set applicable within United States Federal Government agencies. Private enterprises may also choose to utilize this established framework as a foundation for their own security configuration baselines. All federal agencies that utilize or plan an upgrade to either Windows XP or Vista must report compliance, with FDCC reporting requirements dictated by the standard FISMA reporting guidance. The FDCC specific configuration requirements are generally based on the "Principle of Least Privilege" restricting user and machine rights. This whitepaper examines the FDCC requirements, the compliance challenges including vulnerability management, change control, and system security management and also highlights how Lumension's SCAP Validated FDCC scanner is integrated with a complete vulnerability management solution to effectively enable compliance with these standards.