sitegenius.blogg.se - Cis benchmark

#Cis benchmark pdf
#Cis benchmark for windows 10
#Cis benchmark plus

The negatives of implementing the CIS Microsoft Intune for Windows 10 benchmarks are: It’s intended for highly secure locations such as government facilities, or for extremely sensitive/secret departments.

The Level 2 + BitLocker + Next Generation Windows Security, specifically, is a very thorough baseline.

Extremely thorough investigation with details, providing admins with the exact reasons why to apply each listed setting.

The positives of implementing the CIS Microsoft Intune for Windows 10 benchmarks: Read more: Taking Control of Your Unmanaged PCs with Intune CIS Policy Highlights and Lowlights Completing just Level 1 with BitLocker of the CIS benchmark took a couple of evenings to finish, so my opinion could be clouded by the fact that working with these recommendations requires a substantial time commitment. For the purposes of this article, I created three Microsoft 365 tenants with Office 365 E5 licenses and configured a benchmark on each tenant. However, the implementation of the CIS benchmark is painful. Each recommendation typically contains the following information: In terms of the recommendations, the benchmark is highly informative.

Next Generation Windows Security (NG) – optional add-on for use in the newest hardware and configuration environments.

BitLocker (BL) – optional add-on for when BitLocker is deployed.

Level 2 (L2) + BitLocker (BL) + Next Generation Windows Security (NG).

Level 2 (L2) + Next Generation Windows Security (NG).

Level 2 (L2) – High Security/Sensitive Data Environment (limited functionality).

Level 1 (L1) + BitLocker (BL) + Next Generation Windows Security (NG).

Level 1 (L1) + Next Generation Windows Security (NG).

Level 1 (L1) – Corporate/Enterprise Environment (general use).

Within the document there are Policy Definitions that provide IT admins options for configuring Intune to various levels of security.

#Cis benchmark pdf

The benchmarks themselves come in PDF format, and the document for Windows 10 and Intune is over one thousand pages. The first step is to fill out a form, and after a couple of hours (in my case) you will receive an email with a list of different CIS Benchmarks. It should be noted that the benchmark is a little difficult to access. Although many aspects of this benchmark are still relevant to later versions of Windows 10 (it was last updated in May of 2021), there have been no updates to reflect versions past 2004 or Windows 11. The first thought many will have, is that this latest CIS benchmark is for an OS that is now out of support as of December 14, 2021. To begin with, the CIS Microsoft Intune for Windows 10 Release 2004 Benchmark was released on May 18, 2021. Read more from Randy Franklin Smith: Windows Laptops, Remote Work and Today’s Threat Landscape CIS Benchmark In this article, I explain the guidance from each organization, while providing a gap analysis between the baselines. Many customers ask about the differences between the guidance provided by NCSC, CIS, and Microsoft’s pre-configured security baselines for Intune. However, I was tasked recently by a client with ensuring Windows desktops are secured using benchmarks provided by the Center for Internet Security (CIS) – an independent, non-profit organization based in the United States.

#Cis benchmark plus

In the UK, the National Cyber Security Centre (NCSC), is a government entity that provides recommendations to help companies gain status such as the Cyber Essentials Plus certification. One of the most important requirements for organizations that wish to use Microsoft Intune is the security baseline of the device.

Microsoft Intune Security Baseline Policy Highlights and Lowlights.Different Recommendations to Choose From.