The Center for Internet Security (CIS) has developed a set of security benchmarks to help organizations improve their security posture. These benchmarks are a collection of best practices that cover a wide range of security controls, including access control, network security, and data protection. In this blog post, we’ll explore the value of getting to the Center for Internet Security Level 1 benchmark and the process of applying Benchmark group policies to Member Servers, Workgroup Servers, Domain Controllers, and Domain Level in the Active Directory. We’ll also discuss the deep integration with Microsoft with pre-hardened CIS Images in Azure, and the CIS Vulnerability Scans available in MDE ATP.

Benefits of Getting to CIS Level 1

Getting to CIS Level 1 benchmark is a critical step in improving an organization’s security posture. By implementing these benchmarks, organizations can achieve the following benefits:

  1. Improved security: CIS benchmarks are based on industry best practices and provide comprehensive controls to improve security posture.
  2. Compliance: Meeting CIS benchmarks helps organizations comply with regulatory requirements such as HIPAA, PCI, and GDPR.
  3. Cost-effectiveness: Implementing CIS benchmarks is a cost-effective way to improve security posture. It provides a roadmap for implementing best practices and can reduce the likelihood of security breaches.

Applying Benchmark Group Policies

Applying CIS benchmark group policies to Member Servers, Workgroup Servers, Domain Controllers, and Domain Levels in Active Directory is straightforward. CIS provides detailed documentation on the configuration requirements for each benchmark, which can be used to create group policies in Active Directory. The following are the basic steps to apply benchmark group policies:

  1. Download the CIS benchmark documentation for the relevant platform.
  2. Review the configuration requirements and create group policies in Active Directory to enforce them.
  3. Test the group policies on a test environment before deploying them in production.
  4. Roll out the group policies to Member Servers, Workgroup Servers, Domain Controllers, and Domain Levels in Active Directory.

Pre-hardened CIS Images in Azure

Microsoft offers pre-hardened CIS images in Azure, designed to meet CIS benchmark requirements out of the box. These images are based on the latest versions of Windows Server and provide a secure starting point for deploying servers in Azure. By using these images, organizations can save time and effort configuring servers to meet CIS benchmarks.

CIS Vulnerability Scans in MDE ATP

MDE ATP offers CIS vulnerability scans, which can help organizations identify security vulnerabilities not covered by traditional security controls. These scans are based on the latest CIS benchmarks and provide a comprehensive view of an organization’s security posture. As a result, organizations can identify and remediate security vulnerabilities by using these scans before attackers exploit them.

Conclusion

Getting to CIS Level 1 benchmark is essential in improving an organization’s security posture. Organizations can improve security posture, achieve compliance, and reduce the likelihood of security breaches by applying benchmark group policies to Member Servers, Workgroup Servers, Domain Controllers, and Domain Levels in Active Directory. In addition, the deep integration with Microsoft with pre-hardened CIS Images in Azure and the CIS Vulnerability Scans available in MDE ATP provides organizations with additional tools to improve security posture and protect against emerging threats.

Thanks,

John O’Neill Sr. rMVP