Gaining access to administrative accounts is often the goal of an attacker. What can you do to ensure that only the appropriately trained and fully accountable people have and maintain administrative access on your systems? This effort must start with an accurate inventory of every account with elevated access and must be strictly maintained. The […]
Control 7: Application Software Security
Attacks against applications are certainly a growing threat to organizations. Some argue that, because system administrators have become much better at configuring and patching their systems, the application is the next logical target of attack. What can be done at little to no cost to help prevent these threats to your environment? Glad you asked. Teach […]
Critical Control 6: Maintenance, Monitoring, and Analysis of Audit Logs
Logs are the single most important place to look when it is time to answer the question “what just happened”. The more systems you have, the more impractical it is to review system logs individually. To facilitate this, configure each system to send its logs to a centralized log review and retention solution. This […]
Control 5 – Boundary Defense
Control 5 builds on Control 4 and is concerned with increased awareness and defense of the network boundary. To defend the boundary, you must be aware of what traffic goes through all network segments. Change control procedures that are strictly followed are also an important step toward successfully implementing this control. What can be […]
Control 4 – Secure Configurations of Network Devices Such as Firewalls, Routers, and Switches
Control 4 is similar to Control 3 in that it is concerned with maintaining a secure configuration. This time the focus is on network devices. What is the last thing you did on your network devices? Likely it was adding a rule to permit a new traffic flow. When was the last time you made […]
Control 3 – Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
Control 3 builds on the previous two controls, Inventory of Authorized and Unauthorized Devices and Inventory of Authorized and Unauthorized Software. The intent of this control is to develop secure configurations for your systems and monitor for any deviation from this standard. To implement this control, you must invest in some manual work in making […]