Advancing Organizational Security with CIS Cybersecurity Settings

In the fifth segment of the Senteon and CIS webinar series, the discussion shifts towards more advanced cybersecurity settings recommended by the Center for Internet Security (CIS) and their implications for organizational security. Sean Higgins, alongside the hosts, delves into the nuances of these settings, offering insights into how they can bolster an organization’s defense mechanisms.

Senteon
3 min read · Feb 6, 2024

Auditing and Limiting Diagnostic Data

The conversation begins with an emphasis on the importance of auditing actions performed by the mysterious “OneSettings” service and limiting diagnostic data collection. Higgins stresses the need for organizations to log activities related to OneSettings to ensure any actions it performs are monitored and recorded. This approach is crucial for maintaining visibility over the system’s operations and for forensic analysis in case of security incidents.

Moreover, Higgins advocates for limiting the collection of diagnostic logs and memory dumps. The rationale is to minimize the exposure of sensitive information that could be contained within these logs and dumps, such as passwords or proprietary data. By controlling what is collected and sent, organizations can reduce the risk of sensitive data falling into the wrong hands.

Managing Insider Builds and Peer-to-Peer Update Sharing

The discussion also covers the management of Insider builds and the configuration of update sharing settings. Higgins expresses a personal affinity for experimenting with Insider builds but acknowledges the risks they pose to organizational stability and security. The recommendation to disable user control over Insider builds is aimed at preventing the introduction of potentially unstable or insecure software versions into the corporate environment.

Peer-to-peer update sharing is another focal point, with Higgins highlighting the security implications of allowing updates to be downloaded from other computers on the internet. The consensus is to either restrict peer-to-peer sharing to devices within the same Active Directory domain or to disable it altogether, ensuring updates are directly obtained from Microsoft to maintain security and integrity.

Disabling App Installer and Experimental Features

Further discussion revolves around disabling App Installer and its experimental features. These settings are crucial for preventing users from installing unapproved software or enabling features that could introduce vulnerabilities. By disabling these options, organizations can maintain a standardized software environment, reducing the attack surface and ensuring that only vetted and secure applications are used.
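A read-only check of the settings covered in the sections above, run on a Windows endpoint. This is an added example, not code from the webinar, Senteon or CIS; the registry paths and value names are assumptions based on where Microsoft's Group Policy settings store these values, so confirm them against the CIS Benchmark version in use.

```powershell
# Added example: audits (never changes) the policy values behind the settings above.
# Paths and value names are assumptions; verify them against your CIS Benchmark.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows'

$checks = @(
    @{ Name = 'Enable OneSettings Auditing';      Key = 'DataCollection';       Value = 'EnableOneSettingsAuditing';    Ok = { param($v) $v -eq 1 } }
    @{ Name = 'Limit Diagnostic Log Collection';  Key = 'DataCollection';       Value = 'LimitDiagnosticLogCollection'; Ok = { param($v) $v -eq 1 } }
    @{ Name = 'Limit Dump Collection';            Key = 'DataCollection';       Value = 'LimitDumpCollection';          Ok = { param($v) $v -eq 1 } }
    @{ Name = 'User control over Insider builds'; Key = 'PreviewBuilds';        Value = 'AllowBuildPreview';            Ok = { param($v) $v -eq 0 } }
    # DODownloadMode 3 allows peers on the internet; any other mode keeps
    # update sharing local (LAN/domain group) or turns peering off.
    @{ Name = 'Delivery Optimization mode';       Key = 'DeliveryOptimization'; Value = 'DODownloadMode';               Ok = { param($v) $v -ne 3 } }
    @{ Name = 'Enable App Installer';             Key = 'AppInstaller';         Value = 'EnableAppInstaller';           Ok = { param($v) $v -eq 0 } }
    @{ Name = 'App Installer experimental';       Key = 'AppInstaller';         Value = 'EnableExperimentalFeatures';   Ok = { param($v) $v -eq 0 } }
)

$results = foreach ($c in $checks) {
    $path = Join-Path $base $c.Key
    # A missing key or value means no policy is set and the OS default applies.
    $item = Get-ItemProperty -Path $path -Name $c.Value -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        $actual = $null
        $status = 'NOT CONFIGURED'
    } else {
        $actual = $item.($c.Value)
        $status = if (& $c.Ok $actual) { 'PASS' } else { 'FAIL' }
    }
    [pscustomobject]@{
        Setting = $c.Name
        Path    = "$path\$($c.Value)"
        Actual  = $actual
        Status  = $status
    }
}

$results | Format-Table -AutoSize -Wrap

# Non-zero exit code lets a scheduled task or RMM tool flag drift from the baseline.
$findings = @($results | Where-Object Status -ne 'PASS').Count
exit $findings
```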

The Impact of Standardized Settings on IT Support

A significant takeaway from this segment is the impact of standardized, hardened baselines on reducing IT support tickets. Higgins and the hosts argue that a uniform security posture across the organization not only enhances security but also simplifies troubleshooting and support. By starting from a known baseline, IT support teams can more efficiently diagnose issues, leading to quicker resolutions and a more secure computing environment.

Conclusion

This segment of the webinar series offers a comprehensive look at advanced cybersecurity settings recommended by CIS. Through a detailed examination of these settings, Sean Higgins provides valuable insights into how organizations can enhance their security posture. By auditing system actions, limiting diagnostic data collection, managing software updates, and maintaining standardized settings, businesses can protect themselves against a wide array of cyber threats. The discussion underscores the importance of informed decision-making in cybersecurity, highlighting the need for organizations to carefully evaluate and implement security settings that align with their specific needs and risk profiles.

Are you ready to transform your cybersecurity approach? Contact Senteon today for a comprehensive risk assessment, and don’t forget to watch the full webinar video for a deep dive into these strategies with Sean Higgins and other experts. Your journey to cybersecurity excellence starts here.

Full Webinar Episode: https://www.youtube.com/watch?v=mh3GjpFyTXs&t=1s
