Ensuring that your Windows 2000 systems have good security settings should be a little easier now thanks to the release of a new benchmarking tool put together by a raft of private sector and nonprofit groups.The benchmark, created by the Center for Internet Security, SANS, the U.S. General Services Administration, the President’s Critical Infrastructure Protection Board, the U.S. National Security Agency and the National Institute of Standards and Technology, is designed to give companies and users a clear standard for achieving a baseline level of security in their Windows 2000 systems, says Clint Kreitner, president and CEO of the Center for Internet Security in Bethesda, Md.The benchmark will provide users with the confidence that these settings are widely-agreed upon by security experts, he says.Because most operating systems ship from their vendors with security settings turned off by default, Kreitner says that users and administrators need guidance in how to securely configure their Windows 2000 systems. The benchmark provides such a guide, he says, backed by the combined security expertise of the organizations that worked to create it. Users will be able to easily check the configuration of their systems by downloading a tool from the Center for Internet Security’s website that performs hundreds of configuration checks and then reports to the user their level of compliance with the standard. The tool really is the key because it gives you a score” to measure by and work from, Kreitner adds.The Center for Internet Security already provides benchmarks and tools for a number of platforms including Unix operating systems and Cisco routers. Future benchmarks will be created to cover Check Point Software Technologies firewalls, Cisco Pix firewalls, Solaris, Apache and IIS (Internet Information Services) Web servers, Oracle databases and more, he says. The benchmarks and configuration checking tools are available for free on the Center for Internet Security website. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe