Secure Configuration

Part of the Cyber Maturity series of articles, this section focuses on Secure Configuration.

Quoting the 10 Steps to Cyber Security Guidance Sheets:

By putting in place corporate policies and processes to develop secure baseline builds and manage the configuration and the ongoing functionality of all Information and Communications Technologies (ICT), organisations can greatly improve the security of their ICT systems. Good corporate practice is to develop a strategy to remove or disable unnecessary functionality from ICT systems and keep them patched against known vulnerabilities. Failure to do so is likely to result in increased exposure of the business and its ICT to threats and vulnerabilities and therefore increased risk to the confidentiality, integrity and availability of systems and information.

The specific recommendations are:

  • Develop corporate policies to update and patch systems
  • Create and maintain hardware and software inventories
  • Lock down operating systems and software
  • Conduct regular vulnerability scans
  • Establish configuration control and management
  • Disable unnecessary input/output devices and removable media access
  • Implement white-listing and execution control
  • Limit user ability to change configuration

What are your experiences in this area? How are you managing these controls?
Please share with the community in the comments area below.


Where is good practice referenced? Please let the community know in the comments area below.

The pages referenced in this series of blog articles are derived from the 10 Steps to Cyber Security Guidance Sheets published by BIS and GCHQ in this press release.
The documents are Crown Copyright and used here with permission under the government open license.

Please join the discussion, we welcome your views...
