
Organization Preparations


Overview

There are several ongoing preparations that an organization can make to improve its overall approach to information security. These include:

  • Developing a baseline security posture
  • Classifying information
  • Implementing change tracking and auditing
  • Monitoring and reporting

Baseline security posture

A baseline security posture represents an organization’s desired or expected security configuration. Unfortunately, many organizations haven’t achieved their stated baseline security posture. For example, organizational policy might dictate that information systems be kept patched with any security update released by a vendor 30 or more days ago, but many systems within the organization may not have been updated due to lack of resources.

An organization’s baseline security posture should be measurable where possible and appropriate. For example, Microsoft provides the Security Compliance Toolkit, which can be run against Windows-based systems to assess which controls and settings comply with recommended baselines and which may need to be modified to reach a compliant state.

More information: You can find out more about the Security Compliance Toolkit at: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10

An organization’s baseline security posture should also include policies on the use of administrative accounts and privileged access workstations, as well as technologies such as privileged access management and Just Enough Administration (JEA). For example, it is far more difficult for an attacker to compromise a DNS server if it can be managed only through a JEA endpoint that is reachable only from privileged access workstations and available to a user only after a successful privileged access management request, than if it can be managed from any domain-joined workstation in the organization at any time.
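As an added illustration (not part of the original course material), the following PowerShell sketch registers a JEA endpoint on a DNS server that exposes only a handful of DNS cmdlets. The module name `DnsJea`, role name `DnsOperator`, group `CONTOSO\DnsOperators`, endpoint name `DnsManagement` and the file paths are hypothetical; limiting WinRM access to privileged access workstations and granting time-bound group membership through privileged access management are configured separately and are not shown.

```powershell
# Added example: JEA endpoint limited to selected DNS cmdlets.
# Hypothetical names: DnsJea, DnsOperator, CONTOSO\DnsOperators, DnsManagement.
# Run from an elevated PowerShell session on the DNS server.

# Role capability files are discovered in the RoleCapabilities folder of a module.
$modulePath = Join-Path $env:ProgramFiles 'WindowsPowerShell\Modules\DnsJea'
$rolePath   = Join-Path $modulePath 'RoleCapabilities'
New-Item -ItemType Directory -Path $rolePath -Force | Out-Null
New-ModuleManifest -Path (Join-Path $modulePath 'DnsJea.psd1')

# Role: the only commands a connected operator can see and run.
New-PSRoleCapabilityFile -Path (Join-Path $rolePath 'DnsOperator.psrc') `
    -ModulesToImport 'DnsServer' `
    -VisibleCmdlets 'Get-DnsServerZone',
                    'Get-DnsServerResourceRecord',
                    'Add-DnsServerResourceRecordA',
                    'Remove-DnsServerResourceRecord',
                    'Clear-DnsServerCache'

# Session configuration: restricted language and command set, a temporary
# virtual account instead of the operator's own credentials, and a full
# transcript of every session for auditing.
# Note: by default the virtual account is a local administrator (a domain
# administrator on a domain controller), so the visible cmdlet list is the
# actual security boundary and should stay minimal.
$jeaRoot     = Join-Path $env:ProgramData 'JEA'
$transcripts = Join-Path $jeaRoot 'Transcripts'
$pssc        = Join-Path $jeaRoot 'DnsManagement.pssc'
New-Item -ItemType Directory -Path $transcripts -Force | Out-Null

New-PSSessionConfigurationFile -Path $pssc `
    -SessionType RestrictedRemoteServer `
    -RunAsVirtualAccount `
    -TranscriptDirectory $transcripts `
    -RoleDefinitions @{
        'CONTOSO\DnsOperators' = @{ RoleCapabilities = 'DnsOperator' }
    }

# Validate the file, then register the endpoint (this restarts WinRM).
if (Test-PSSessionConfigurationFile -Path $pssc) {
    Register-PSSessionConfiguration -Name 'DnsManagement' -Path $pssc -Force
}
```

Operators then connect with `Enter-PSSession -ConfigurationName DnsManagement` against the server, and `Get-PSSessionCapability` can be used to review what a given user would be allowed to run.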

An organization’s security posture should also involve policies and configurations that restrict lateral movement. This would include deploying code integrity policies on servers to restrict the execution of unauthorized code and scripts, segmenting networks so that sensitive servers are only accessible to authorized hosts, ensuring that common local accounts and passwords aren’t used, and that software patches and updates are applied in a timely manner.

The challenge is to balance the organization’s need to perform work tasks with a minimum of inconvenient steps against the need for security. For example, an organization must decide whether users need to enter a BitLocker PIN each time they start their workstation, or whether that requirement only makes sense on privileged access workstations used by the administrators of information systems.

The baseline security posture is a work in progress. An organization should always be looking to improve its baseline security posture and should regularly engage external penetration testers to run red team exercises to assess the current security configuration for vulnerabilities.

This article is from the free online course Microsoft Future Ready: Fundamentals of Enterprise Security

Created by
FutureLearn - Learning For Life
