CIS #4: Secure Configuration of Enterprise Assets
We are focusing on Control #4 from the Center for Internet Security. This control focuses on the secure configuration of enterprise assets, such as:
Portable and Mobile Devices (laptops and cell phones)
Network Devices (switches, access points, printers)
Internet of Things (IoT) Devices (smart devices like thermostats, cameras, appliances, etc.)
To ensure that these devices are safely communicating on the internet as well as on your local network, security features and policies must be enabled and adjusted. These Secure Configurations keep your data and network traffic from falling into the wrong hands, and include the following:
Enforcing automatic screen locks
Updating software and firmware
Enabling hardware and software firewalls
Using next-generation antivirus/antimalware
Accessing devices via secure ports
Disabling default accounts
Limiting device management to secured network protocols
These configurations along with the encryption and secure disposal of end-user devices are vital defenses in the ever-changing landscape of cyber security.
If you have any questions about your organization’s enterprise assets and their secure configuration, please call us at 719-264-1384 and ask to speak to your Team Manager!