- #Cis benchmark scripts pdf#
- #Cis benchmark scripts for windows 10#
- #Cis benchmark scripts windows 10#
- #Cis benchmark scripts plus#
Like the Center for Internet Security (CIS), they provide guidance for configuring Windows 10 for Intune and their Intune guide is available online. The National Cyber Security Centre supports UK organizations by being a single point of contact for security issues that affect SMEs, large organizations, and government agencies. If there are any future changes (minor or major) to the CIS benchmark, it could possibly make things more difficult to update, especially if you need to scan another 1000-page document.
#Cis benchmark scripts for windows 10#
The latest guidance is for Windows 10 2004, which is now out of support.By CIS’ own admission, Level 2 protection “may negatively inhibit the utility or performance of the technology and limit the ability of remote management/access.”.You potentially run into the instance of laptops being “overprotected,” which could influence user productivity if Level 2 protection is enabled.It takes an exceptionally long time to implement the baseline with no importable JSON or PowerShell scripts to ease the implementation.The negatives of implementing the CIS Microsoft Intune for Windows 10 benchmarks are:
It’s intended for highly secure locations such as government facilities, or for extremely sensitive/secret departments.
The positives of implementing the CIS Microsoft Intune for Windows 10 benchmarks: Read more: Taking Control of Your Unmanaged PCs with Intune CIS Policy Highlights and Lowlights Completing just Level 1 with BitLocker of the CIS benchmark took a couple of evenings to finish, so my opinion could be clouded by the fact that working with these recommendations requires a substantial time commitment. For the purposes of this article, I created three Microsoft 365 tenants with Office 365 E5 licenses and configured a benchmark on each tenant. However, the implementation of the CIS benchmark is painful. Each recommendation typically contains the following information: In terms of the recommendations, the benchmark is highly informative.
#Cis benchmark scripts pdf#
The benchmarks themselves come in PDF format, and the document for Windows 10 and Intune is over one thousand pages. The first step is to fill out a form, and after a couple of hours (in my case) you will receive an email with a list of different CIS Benchmarks. It should be noted that the benchmark is a little difficult to access. Although many aspects of this benchmark are still relevant to later versions of Windows 10 (it was last updated in May of 2021), there have been no updates to reflect versions past 2004 or Windows 11. The first thought many will have, is that this latest CIS benchmark is for an OS that is now out of support as of December 14, 2021. To begin with, the CIS Microsoft Intune for Windows 10 Release 2004 Benchmark was released on May 18, 2021. Read more from Randy Franklin Smith: Windows Laptops, Remote Work and Today’s Threat Landscape CIS Benchmark In this article, I explain the guidance from each organization, while providing a gap analysis between the baselines. Many customers ask about the differences between the guidance provided by NCSC, CIS, and Microsoft’s pre-configured security baselines for Intune. However, I was tasked recently by a client with ensuring Windows desktops are secured using benchmarks provided by the Center for Internet Security (CIS) – an independent, non-profit organization based in the United States.
#Cis benchmark scripts plus#
In the UK, the National Cyber Security Centre (NCSC), is a government entity that provides recommendations to help companies gain status such as the Cyber Essentials Plus certification. One of the most important requirements for organizations that wish to use Microsoft Intune is the security baseline of the device. Microsoft Intune Security Baseline Policy Highlights and Lowlights.Different Recommendations to Choose From.
0 kommentar(er)
