Security Baselines

  • Published: Wednesday, Aug. 7, 2019

Every app and device in your organization needs a security baseline. The goal is to establish an appropriate level of security for all systems. A security baseline can differ from a configuration baseline because it deals solely with security-related settings. The baseline defines a set of basic objectives for any given app or device. Baselines may differ between end-user devices, servers and operating systems. Group Policy and security templates can help to standardize system configurations and settings. There are security templates for account policies, local policies, system services, software restrictions and restricted groups. Consider these security objectives:

  • Turn off all unnecessary services
  • Restrict administrator access
  • Restrict the ability of users to install software
  • Change default configurations
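
The Python below audits a security template, in the INF layout that Windows security templates use, against three of the objectives above (services, administrator access, default configurations). It is an added example, not part of the original article; the sample template is constructed, and the baseline values (service names, allowed administrator SID) are assumptions.

```python
import re

# Constructed sample in the INF layout of a Windows security template
# (as written by "secedit /export"); every value is illustrative.
SAMPLE_TEMPLATE = r'''
[System Access]
EnableGuestAccount = 1
NewAdministratorName = "Administrator"
[Service General Setting]
"Spooler",2,""
"RemoteRegistry",4,""
[Group Membership]
*S-1-5-32-544__Members = *S-1-5-21-1-2-3-500,*S-1-5-21-1-2-3-1104
'''

# Hypothetical baseline: the service names and the allowed SID are assumptions.
BASELINE = {"disabled_services": ["RemoteRegistry", "Spooler"],
            "allowed_admins": {"*S-1-5-21-1-2-3-500"}}

def parse_template(text):
    """Group the template's non-empty, non-comment lines by [section]."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), [])
        elif line and not line.startswith(";") and current is not None:
            current.append(line)
    return sections

def audit(text, baseline=BASELINE):
    """Return a list of deviations from the baseline (empty if compliant)."""
    sec = parse_template(text)
    access = dict(re.split(r"\s*=\s*", l, maxsplit=1) for l in sec.get("System Access", []))
    findings = []
    # Change default configurations: guest account off, administrator renamed.
    if access.get("EnableGuestAccount") == "1":
        findings.append("guest account enabled")
    if access.get("NewAdministratorName", "").strip('"') == "Administrator":
        findings.append("default administrator name unchanged")
    # Turn off unnecessary services: lines are "name",startup,"SDDL"; 4 = disabled.
    startup = {l.split(",")[0].strip('"'): l.split(",")[1].strip()
               for l in sec.get("Service General Setting", [])}
    findings += [f"service not disabled: {s}" for s in baseline["disabled_services"]
                 if startup.get(s) != "4"]
    # Restrict administrator access: members of built-in Administrators (S-1-5-32-544).
    for l in sec.get("Group Membership", []):
        group, _, members = l.partition("=")
        if group.strip() == "*S-1-5-32-544__Members":
            findings += [f"unexpected administrator: {m.strip()}" for m in members.split(",")
                         if m.strip() and m.strip() not in baseline["allowed_admins"]]
    return findings
```

Calling `audit(SAMPLE_TEMPLATE)` returns one finding per deviation; an empty list means the template meets the baseline.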

Establishing a security baseline can be a daunting task, but if you start with an outline and identify the basics and the risks, you will have a baseline quickly. Begin with a broad analysis of your infrastructure, including wiring, switches, servers, wireless, software, cloud services, all end-user devices and personnel. Assign a level of protection to each. You can then define the tasks necessary to align security measures.

Remember that establishing and maintaining security baselines will help to secure your environment and build compliance.


Microsoft Security Compliance Toolkit 1.0

CIS Benchmarks

Understanding CIS Control 5: Secure Configurations for Hardware & Software

Windows security baselines

Security Implementation Template