Per the Federal Information Security Management Act (FISMA), federal information systems must be hardened according to security configuration standards such as the Federal Desktop Core Configuration (FDCC), the U.S. Government Configuration Baseline (USGCB), and the Center for Internet Security (CIS) benchmarks. Government (and contractor) IT shops spend countless hours configuring new and existing systems to ensure they comply with the required security configuration. The U.S. government could save time and money by working with vendors such as Microsoft, Red Hat, Apple, and Oracle to have them create government-ready versions of their operating systems (e.g., Windows, Mac OS, Red Hat Enterprise Linux, Solaris) pre-configured according to OMB-mandated settings. The U.S. government is one of the largest clients of these operating system makers, and having them comply with the government's security requirements can save taxpayers money and ultimately ensure the federal information system environment is more secure, preventing losses from security incidents caused by system misconfiguration.
Idea No. 2494