The United States Government Configuration Baseline (USGCB) is an initiative to provide federal agencies with guidance for information security configuration best practices.
The USGCB aims to standardize IT configuration settings, reduce costs, accelerate technology adoption rates, improve efficiency, and strengthen system hardening procedures to address both current and yet-to-be-discovered security threats. It also contains mandates for power-management settings to save energy, lower costs, protect the environment and comply with executive orders.
USGCB implementation is the responsibility of each government agency or contracting organization. It can be customized to address an organization's own unique requirements and/or operational challenges. To ensure compliance and minimize management complexity, organizations and agencies are expected to implement USGCB settings, follow proper procedures, document and track any changes to USGCB settings,and continuously comply with its mandates.
Issued by the Office of Management and Budge (OMB), the USGCB evolved from a directive called the Federal Desktop Core Configuration (FDCC), which required agencies to adopt security configurations defined by the National Institute of Standards and Technology (NIST) for Windows XP and Windows Vista operating systems. As software and operating systems were updated and new products released, the government has had to update the standard. In 2010, the USGCB was created to clarify mandates in the FDCC and constitute the configuration settings component of it. USGCB currently has content applicable to Windows 7, Windows 7 Firewall, Windows Vista, Windows Vista Firewall, Windows XP, Windows XP Firewall, Internet Explorer 7, Internet Explorer 8, and Red Hat Enterprise Linux.