In our last blog, we started a new series that focuses on security recommendations from the Center for Internet Security (CIS). As a reminder, the CIS framework consists of 18 controls that are organized by importance.
We previously discussed control #1 which was inventory and control of enterprise assets. This month, we are focusing on Control #2 which calls for an actively managed software inventory.
CIS Recommends that every organization should:
Make an inventory of all software installed on enterprise assets
Confirm what software is and is not authorized
Confirm what software is being actively updated and supported by the software author
Confirm that all software is properly licensed
Document any exceptions and detail controls and risk acceptance
Review monthly and take action to remove unauthorized software
CHTS is happy to assist you with your organization’s software inventory and make recommendations for how to monitor it! Call us at 719-264-1384 and ask to speak to your Team Manager.