Over and over again in security assessments I hear IT departments talking about protecting and concentrating on “critical” systems. Sure they deserve extra attention but nowadays you have to do everything right.
Every Windows server and workstation out there needs to be protected. Every single system. Here are the reasons why:
- An attacker just needs to compromise one system to begin a prolonged attack. It doesn’t matter if it’s a “critical” system. Today's attackers are patient and persistent and skilled in pulling themselves up by the bootstraps after getting control of one computer on the network.
- Nearly every system has some kind of confidential information or system data that attackers can use.
- Every system on your network is just that. It's on your network. By virtue of that fact alone you need to protect it in order to protect everything else on your network.
Protecting every system is a tall order. After all you probably have hundreds or thousands of Windows systems. Each system has hundreds of security settings. That easily translates to millions of configuration tasks. That requires configuration management that is really effective, smart, automated and efficient. Where do you start?
First you need to determine your configuration baseline – which settings should be configured and what value? Don’t re-invent the wheel on this. Leverage the work, research and testing of the experts. I'll examine the 2 most popular security standards for Windows:
- The United States Government Configuration Baseline (USGCB)
- Center for Internet Security Benchmarks
I will compare and contrast these 2 standards. I'll show you areas covered by only one of standards and discuss key differences in their recommendations where they do overlap. I'll help you decide which standard to use or whether to use parts of both. I'll also point out any areas I believe are unaddressed by both standards.
Then we will talk about your options for implementing these standards including group policy, system images and more.
And we will also discuss how to measure your environment and provide assurance to management, auditors and regulators that your systems are in compliance. How should you deal with exceptions?
Dell Software's KACE group is sponsoring this webinar and Ken Chalberg from Dell, an expert in systems management will briefly show you how their technology can help you implement, automate and demonstrate compliance with configuration management and how they have built-in support for these and other standards.
Don't miss this real training for free ™ event. Please register now.