Security Baselines
- Published: Wednesday, Aug. 7, 2019
All apps and devices within your organization need to have a security baseline. The goal is to establish an appropriate level of security for all systems. This can differ from a configuration baseline because it deals solely with security related settings. The baseline will define a set of basic objectives for any given app or device. Baselines may be different for end user devices and servers and operating systems. Using group policy and security templates can help to standardize system configurations and settings. There are security templates for account policies, local policies, system service, software restrictions and restricted groups. Consider these security objectives:
- Turn off all unnecessary services
- Restrict administrator access
- Restrict the ability of users to install software
- Change default configurations
Establishing a security baseline can be a daunting task. But if you start with an outline and identify the basics and risks you will be creating a baseline quickly. Begin with a broad analysis of your infrastructure which includes wiring, switches, servers, wireless, software, cloud services, all end user devices and personnel. Assign a level of protection to each. At this time you can define the necessary tasks to align security measures.
Remember that establishing and maintaining security baselines will help to secure your environment and develop compliance.
Resources
Microsoft Security Compliance Toolkit 1.0
Understanding CIS Control 5: Secure Configurations for Hardware & Software