The Center for Internet Security (CIS) published an updated version of the CIS Controls: CIS Controls v8. The CIS Controls are a set of gold-standard guidelines for organizations facing data security issues. These controls were developed to simplify the work of IT ops and security teams and help them remain focused on the essentials. The CIS updates its recommendations according to changes and new discoveries in the information security field. The 8th version of the CIS Controls was published in May 2021. In this version, the CIS slightly changes its perspective on baseline security and system hardening.

In this post, we will demonstrate CIS recommendations for baseline security, and what has changed from the previous versions:

CIS Control 4: Secure Configuration of Enterprise Assets and Software
1) Establish and Maintain a Secure Configuration Process
2) Establish and Maintain a Secure Configuration Process for Network Infrastructure
3) Configure Automatic Session Locking on Enterprise Assets
4) Implement and Manage a Firewall on Servers
5) Implement and Manage a Firewall on End-User Devices
6) Securely Manage Enterprise Assets and Software
7) Manage Default Accounts on Enterprise Assets and Software
8) Uninstall or Disable Unnecessary Services on Enterprise Assets and Software
9) Configure Trusted DNS Servers on Enterprise Assets
10) Enforce Automatic Device Lockout on Portable End-User Devices
11) Enforce Remote Wipe Capability on Portable End-User Devices
12) Separate Enterprise Workspaces on Mobile End-User Devices
Hardening automation tools as the game changer of your hardening project

“Establish and maintain the secure configuration of enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/IoT devices; and servers) and software (operating systems and applications)”. This Control is all about securing the configuration of any configurable component in your system, hardware and software.

Deploying secured configuration settings is extremely complex. It requires multi-disciplined staff who will analyze potentially hundreds or thousands of possibilities to make the right decision. Furthermore, after configuration settings are deployed, they must be continually managed as the system constantly changes and new vulnerabilities emerge. There are a few options for hardening tools that can help you achieve a hardened infrastructure, but only a few of them are dedicated solely to hardening. We strongly recommend automating system hardening. Using unautomated tools will most likely result in one of two scenarios:
1. Critical machines not configured in the most secure fashion, increasing the organization’s attack surface.
2. Downtime of critical machines caused by using manual tools for such complex tasks.

(Resource: CIS Critical Security Controls v8)

According to the CIS Controls, there are 12 actions required for achieving a secure baseline:

1) Establish and Implement Security Controls: Maintaining a Secure Configuration Process

This refers to all enterprise assets including the target system (end-user devices, including portable and mobile non-computing/IoT devices and servers) and software (operating systems and applications).