To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs and other crucial information. Second, it protects system integrity to make sure applications, endpoints and networks perform their intended functions without degradation or impairment.
Digital integrity is possible only through the merging of people, process and technology into a holistic framework. Such an effort can be difficult without proper guidance. Fortunately, several of the Center for Internet Security’s Critical Security Controls (also known as the CIS Controls) can help. Organizations should pay particular attention to these security measures:
- CIS Controls 3, 5 and 11 together help organizations continuously manage their vulnerabilities, harden critical endpoints and monitor for unexpected changes.
- CIS Control 17 aids organizations in creating a security awareness training program for their employees that helps maintain skills and competencies.
- CIS Control 6 supports organizations in their development of an audit log policy and implementation of proactive change management.
With those controls, businesses can abide by the following six steps to establish and maintain a profile of digital integrity.
Step 1: Establish a Configuration Baseline for Your Infrastructure
Organizations need to understand how their assets are configured. Towards this end, they can use CIS Controls 5 and 11 to create a configuration baseline that allows them to manage configurations, catalog acceptable exceptions and issue alerts for unauthorized changes. Enterprises should design that standard in such a way that it applies to all authorized endpoints.
Step 2: Determine the Critical Files and Process You Need to Monitor Your Baseline
With a baseline in place, organizations need to monitor it using their critical files and processes. They can apply CIS Controls 7-17 to refine their monitoring processes to include endpoint (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/security-controls/6-steps-for-establishing-and-maintaining-digital-integrity/