Agencies to Implement New Computer Security Standards
The White House has mandated that all federal agencies using Microsoft Windows software must implement new computer security standards developed in tandem with the National Security Agency.
An administration memo issued this week requires agencies to ensure that any existing or newly purchased Windows machines include certain default settings that substantially decrease the time and money spent securing those personal computers and in repairing systems that have been compromised by hackers or viruses.
A majority of agencies have fallen short of federal computer security standards, often for failing to implement basic changes to harden systems against cyber attack or employee misuse. The new rules would force agencies to employ preconfigured security settings on all existing PCs. They also would require agencies seeking to purchase the latest version of Microsoft’s operating system — Windows Vista — to order systems specially configured to meet the government’s new security requirements.
Officials from the White House Office of Management and Budget, which sets computer security policy for all federal agencies, declined to be interviewed. But according to the White House memo, agencies will be required to develop plans by May 1 to show how they will implement the new requirements. Full compliance will be required by February 2008.
The new rules require agencies to take steps to decrease the likelihood that systems can be compromised by viruses or cyber criminals. Agencies must include tactics such as disabling unneeded software and services that expose systems to cyber attacks, and configuring machines to run under user accounts that cannot install new programs or alter existing software.
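To make those two controls concrete, the following is an added example written for this page; it is not part of the article, the administration memo or the government's baseline configuration. It is a read-only PowerShell audit of a Windows desktop that checks whether the logged-on user is a member of the local Administrators group, whether User Account Control (the Vista-era control that stops a standard user from silently installing software) is switched on, and whether a handful of network-facing services are disabled. The service names in `$ServicesToCheck` are illustrative assumptions chosen for the example, not the federal list; the optional `-Remediate` switch shows the corrected setting for the services beside the weak one.

```powershell
# Added example (not from the article or the federal baseline). Audits a Windows
# desktop for the two controls described above: non-administrative user accounts
# and disabled, unneeded services. Run as administrator to use -Remediate.
param(
    [switch]$Remediate   # assumption: if set, disable and stop the listed services
)

# Assumption for this example: services a desktop rarely needs exposed.
# This is NOT the government's configuration list.
$ServicesToCheck = @('RemoteRegistry', 'TlntSvr', 'SSDPSRV', 'upnphost', 'SNMP')

function Test-UserIsLocalAdmin {
    # True when the interactive user can install or alter software by default.
    param([string]$UserName = "$env:USERDOMAIN\$env:USERNAME")
    $members = Get-LocalGroupMember -Group 'Administrators' -ErrorAction Stop
    return [bool]($members | Where-Object { $_.Name -eq $UserName })
}

function Test-UacEnabled {
    # EnableLUA = 1 means administrators run with a filtered token and standard
    # users are prompted for credentials before an install can proceed.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $v = Get-ItemProperty -Path $key -Name 'EnableLUA' -ErrorAction SilentlyContinue
    return ($null -ne $v -and $v.EnableLUA -eq 1)
}

function Get-ServiceDrift {
    # Reports each service's start mode and state; Compliant is true only when the
    # service is absent, or is both disabled and not running.
    param([string[]]$Names)
    foreach ($n in $Names) {
        # $n comes from the fixed list above, so the WQL filter cannot be injected.
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$n'"
        if (-not $svc) {
            [pscustomobject]@{ Service = $n; StartMode = 'n/a'; State = 'not installed'; Compliant = $true }
            continue
        }
        [pscustomobject]@{
            Service   = $n
            StartMode = $svc.StartMode           # weak setting: 'Auto' or 'Manual'
            State     = $svc.State
            Compliant = ($svc.StartMode -eq 'Disabled' -and $svc.State -ne 'Running')
        }
    }
}

function Repair-ServiceDrift {
    # The corrected setting: startup type Disabled, and stopped if currently running.
    param([string[]]$Names)
    foreach ($n in $Names) {
        if (Get-Service -Name $n -ErrorAction SilentlyContinue) {
            Set-Service -Name $n -StartupType Disabled
            Stop-Service -Name $n -Force -ErrorAction SilentlyContinue
        }
    }
}

# --- audit ---
$isAdmin = Test-UserIsLocalAdmin
$uacOn   = Test-UacEnabled
Write-Host ("Interactive user is local administrator : {0}" -f $isAdmin)
Write-Host ("User Account Control enabled            : {0}" -f $uacOn)

$drift = Get-ServiceDrift -Names $ServicesToCheck
$drift | Format-Table -AutoSize

if ($Remediate) {
    Repair-ServiceDrift -Names ($drift | Where-Object { -not $_.Compliant }).Service
    Get-ServiceDrift -Names $ServicesToCheck | Format-Table -AutoSize
}

# Non-zero exit lets a scheduled task or inventory tool flag the machine.
if ($isAdmin -or -not $uacOn -or ($drift | Where-Object { -not $_.Compliant })) { exit 1 }
exit 0
```

`Get-LocalGroupMember` ships with the LocalAccounts module in Windows PowerShell 5.1 and later; on older systems the same membership check can be made with `net localgroup Administrators`. Removing a user from the Administrators group is deliberately left out of the remediation path: that is a provisioning decision, and doing it from an audit script on the account that is running the script locks the operator out.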
Scott Armstrong, vice president of marketing at Secure Elements, a Herndon, Va., company that sells security software and services to federal agencies, said the requirements should help dramatically reduce the number of security incidents at federal agencies.
“It’s a whole lot easier to lock down these systems than it is to spend a lot of time cleaning up security breaches,” Armstrong said.
The standards are based on configurations developed over the past four years by the NSA, U.S. Air Force, National Institute of Standards and Technology and the Defense Information Systems Agency, among others. The new requirements, which have been implemented across more than 420,000 Air Force Windows PCs over the past year, are directly responsible for decreasing the security incidents and the overall workload of Air Force IT personnel by at least 30 percent, said Kenneth Heitkamp, associate director for the Air Force Life-Cycle Management Office in the Office of Warfighting Integration and Chief Information Officer.
The White House mandate also offers the promise of improving the quality of third-party software designed to run on top of Windows, said Clint Kreitner. He heads the Center for Internet Security, a nonprofit group of agencies and companies that helped to coordinate collaboration on the new standards, which have been roughly four years in the making. One persistent problem, he said, is that application developers often write their software to work on non-hardened platforms, which can force users to soften the security of the operating system to get the applications to work properly.
“These requirements give the government the specific information it needs to tell an application vendor — be it a Beltway company or some other vendor developing custom stuff — that it wants applications to be fully functional on a more secure Windows version,” Kreitner said.