Windows 10 Security Framework
- Published: Wednesday, July 31, 2019
Windows recently released their new security framework (SECCON) which includes policies, security controls and behaviors. Mimicking the DEFCON framework used by US Armed Forces, SECCON adopts the 5 levels of readiness.
There are 5 levels of the SECCON framework. This link, Introducing the Security Configuration Framework, will examine each level in detail.
- Level 1 (Enterprise Basic Security) This is the minimum security configuration.
- Level 2 (Enterprise high Security Configuration) Recommended for users who access sensitive or confidential information.
- Level 3 (Enterprise VIP security) This configuration will require a more sophisticated security team due to the complexity to configure.
- Level 4 (DevOps workstation) Recommended for developers and testers.
- Level 5 (Administrator workstation) Level 5 should include all levels of configuration. More configuration guidance on this level is currently being developed.
Many organizations may not get past the first 2 levels but understanding the security implications associated with each level of the framework is important.
Microsoft recommends that security controls should be gradually deployed using the ‘Ring’ methodology:
- Test ring- contained in a lab situation to validate apps prior to enforcement of any configuration.
- Pilot ring – using 2-5% of the environment.
- Fast ring – deploy to 25%
- Slow ring- deploy to remaining
Resource
Introducing the security configuration framework: A prioritized guide to hardening Windows 10