Exerting Critical Security Control Over Your Enterprise – CIS Control #1 — Network Consulting Services, Inc. - NCSi

News & Tech Alerts

The latest news and information from NCSI

The Center for Internet Security, in conjunction with the global internet security community, has developed a set of 20 Critical Security Controls which, when implemented, reduce the risk of cyber-attack up to 94%.  Just implementing the first five controls can increase risk reduction by 85%.

 

Critical Security Controls
Our engineers focus on implementing these 20 CIS Critical Security Controls for NCSi clients, with half-a-dozen carefully selected security software vendors to achieve this goal [See our full battle plan here]. You benefit from the knowledge and expertise of an entire international community focused on your network’s security.


CIS CONTROL #1
Inventory of Authorized and Unauthorized Devices:   Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.


 

In short, you must create a network device inventory. All devices on your network need to be identified, authorized, have their software patched if it’s not up-to-date, or deleted from the network if the device is unauthorized. This process needs to happen for all devices already on the network, and for every device that attaches itself to the network in the future. This monitoring must be done for virtual devices too.

 

Ivanti Endpoint Management
There are many scenarios under which a device can connect to your network, and these scenarios must be checked always. Network device checks are both active and passive. NCSi partners with Ivanti, a software vendor who makes endpoint management software to accomplish this control. Ivanti’s (formerly LANDESK) Endpoint management software embodies what Critical Security Control #1 specifies. It monitors all devices coming onto the network — or that are already there — and assesses them, then manages them. If they are unauthorized, you are alerted, and they are kicked off. If they need software updates, they receive them. The devices and software are then integrated with the rest of your network operations.

 

Endpoint Management Benefits
Ivanti Endpoint Manager (IEM), in support of Critical Security Control #1, offers immediate benefits. IEM prevents unauthorized access, alerts you to potential breaches, and responds automatically to attacks. Your device inventory database is automatically updated. You do not have to send someone to a remote site to conduct a physical inventory. This benefit alone saves an enormous amount of time and money for any sized enterprise.

 

Some of the features and benefits of the Ivanti Endpoint Manager:

ENDPOINT MANAGEMENT
Discovery, inventory, and configuration of all network devices — PCs, laptops, servers, tablets, and smartphones. Anything that uses an IP address is managed.

OS PROVISIONING
Simplify OS imaging — migrate or deploy to the latest iteration of Windows, Mac, or Linux operating systems. Automated updates from a single source saves time and money.

SOFTWARE DISTRIBUTION
Provides an app store experience and supports user groups —  automatically downloads software to the proper devices.

PC AND MAC REMOTE CONTROL
Interact remotely and securely with desktop users — repair their computer problems and train them from anywhere. Maintain a single support team or staff member in one location.

APPLE AND MAC MANAGEMENT
Experience enterprise Mac and iOS device management including inventory, software, and OS deployment. Provide simple Apple integration into Windows and Linux networking environments.

POWER MANAGEMENT
Implement green IT. Report on actual energy utility savings. Save money with power consumption reporting.

 

Further Security Requirements
NCSi proudly partners with Ivanti to achieve certain technological goals. The Critical Security Controls are an important industry guide. But it’s not enough to only identify and block the initial attacks of hackers and malware. You must also recognize compromised devices, as well as prevent future attacks. There must be a concerted effort to:

  •  Harden device configurations
  • Identify compromised devices
  • Disrupt attackers’ control of malicious code
  • Establish adaptive, continuous, defensive response capability

 

In future articles, we will examine the remaining 19 Critical Security Controls. All the CSCs follow the Five Critical Tenets of an effective cyber defense system:

  1. Offense Informs Defense: Use real-world knowledge to defend against real-world attacks.
  2. Prioritization: Invest first in the greatest risk reduction controls. Here, usually CSCs 1-5.
  3. Metrics: Establish common metrics, so everyone from Execs to IT to audit staff speaks the same language.
  4. Continuous Diagnostics and Mitigation: Constantly test and evaluate security effectiveness and act on the results.
  5. Automation: Automate security defenses for consistent, reliable, and scalable results.

 

Creating a device inventory is the first step in implementing Critical Security Control #1. We have partnered with Ivanti to ensure that this first of 20 international standard Critical Security Controls can be put into place quickly in your enterprise. Based on your resources, making sure that you have NCSi’s engineers implement as many of the CSCs as possible will reduce your risk of cyber-attack by as much as 85% – 94%.

 

Follow our entire 20 article series on Critical Security Controls, and if you have any questions or wish to implement the security and safety of these controls immediately be sure to download our complete Security Controls battle plan and  contact us at 855-864-3734.