CIS Control 09: Email and Web Browser Protections
Web browsers and email clients are the applications users rely on to interact with external and internal assets, and both can serve as a point of entry into an organization. Users of these applications can be manipulated through social engineering attacks, which succeed only when they convince a user to interact with malicious content; a successful attack can give the attacker a foothold within the organization. CIS Control 9 provides several safeguards to reduce the risk carried by information arriving through these two channels.
Key Takeaways for Control 9
Web Browsers
Web browsers can be protected by the following: updating the browser, enabling pop-up blockers, enabling DNS filtering, and managing plugins. Always update web browsers to the latest version to fix known issues. Enable pop-up blockers to block malicious pop-up messages from being displayed to users. DNS filtering blocks access to malicious domains and protects users from navigating to them. Managing plugins can protect users from potentially installing malicious plugins.
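The DNS filtering mentioned above works by refusing to resolve names that appear on a blocklist. The following added example (not code from the original post or from Tripwire) shows the matching logic a filtering resolver applies: the queried name is compared label by label, so subdomains of a blocked domain are caught while look-alike names that merely contain the blocked string are not. The blocklist entries and query names are constructed for illustration.

```python
"""Added example: label-wise blocklist matching as used by DNS filtering.

Not part of the original post; the blocklist below is constructed sample
data, not a real threat feed."""

# Constructed blocklist for illustration. Real deployments load this from a
# threat-intelligence feed or a DNS-filtering vendor, not from a literal set.
BLOCKLIST = {"malicious.example", "phish.example.net"}


def _labels(name: str) -> list[str]:
    """Normalise a DNS name: lower-case, strip the trailing dot, split on '.'."""
    return name.lower().rstrip(".").split(".")


def is_blocked(query_name: str, blocklist: set[str] = BLOCKLIST) -> bool:
    """True if query_name equals a blocked domain or is a subdomain of one.

    Matching walks the label suffixes ('a.b.c' -> 'a.b.c', 'b.c', 'c'), which is
    what distinguishes cdn.malicious.example (blocked) from
    notmalicious.example (allowed). A naive substring test would block both.
    """
    labels = _labels(query_name)
    for i in range(len(labels)):
        if ".".join(labels[i:]) in blocklist:
            return True
    return False


def filter_queries(queries: list[str], blocklist: set[str] = BLOCKLIST):
    """Split a batch of query names into (allowed, blocked) lists, the decision
    a filtering resolver makes before forwarding a query upstream."""
    allowed, blocked = [], []
    for name in queries:
        (blocked if is_blocked(name, blocklist) else allowed).append(name)
    return allowed, blocked


if __name__ == "__main__":
    # Constructed sample queries, including a case-variant and a look-alike.
    sample = ["www.example.com", "cdn.malicious.example",
              "MALICIOUS.EXAMPLE.", "notmalicious.example", "login.phish.example.net"]
    ok, dropped = filter_queries(sample)
    print("allowed:", ok)
    print("blocked:", dropped)
```

The same suffix walk is what makes the filter robust to the trailing-dot and mixed-case forms that DNS treats as equivalent; a filter that compares raw strings would let `MALICIOUS.EXAMPLE.` through.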
Email
Email security can be increased by proper social engineering training, spam filtering and malware scanning, domain-based message authentication, encryption, and file type filtering. Increasing the frequency of social engineering training helps users spot phishing and business email compromise (BEC). Spam filtering and malware scanning reduce the number of malicious emails that reach users. Another way to reduce malicious email is Domain-based Message Authentication, Reporting, and Conformance (DMARC). DMARC checks whether the domain authenticated by SPF or DKIM aligns with the From: address and, according to the policy the sending domain publishes, rejects or quarantines mail that does not conform. Encryption ensures that message contents remain private. File type filtering can be enabled to protect users from receiving malicious attachments.
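To make the DMARC alignment check concrete, here is an added example (not code from the original post or from Tripwire) that parses a DMARC TXT record and evaluates one message's SPF and DKIM results against it the way a receiving mail server does. The record, the domains and the `AuthResult` structure are constructed for illustration; the organizational-domain helper is a deliberate simplification (last two labels) where a real receiver consults the Public Suffix List.

```python
"""Added example: DMARC record parsing and identifier-alignment evaluation.

Not part of the original post. SAMPLE_DMARC_RECORD and the domains used
below are constructed sample data."""

from dataclasses import dataclass

# Constructed sample record, as it would be published in the TXT record of
# _dmarc.example.com. Strict DKIM alignment, relaxed SPF alignment, reject policy.
SAMPLE_DMARC_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com"


def parse_dmarc(record: str) -> dict:
    """Split 'tag=value; tag=value' into a dict and apply the RFC 7489 defaults
    (relaxed alignment for both adkim and aspf when the tags are absent)."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    if "p" not in tags:
        raise ValueError("DMARC record is missing the required p= tag")
    tags.setdefault("adkim", "r")
    tags.setdefault("aspf", "r")
    return tags


def organizational_domain(domain: str) -> str:
    """Simplified organizational domain: keep the last two labels.
    Assumption for this example only; real receivers use the Public Suffix
    List so that e.g. example.co.uk is handled correctly."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') requires an exact match, relaxed ('r')
    accepts a match of the organizational domains."""
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    if mode == "s":
        return a == f
    return organizational_domain(a) == organizational_domain(f)


@dataclass
class AuthResult:
    """Constructed authentication results for one message."""
    from_domain: str   # domain of the RFC5322.From header the user sees
    spf_pass: bool
    spf_domain: str    # RFC5321.MailFrom domain that SPF evaluated
    dkim_pass: bool
    dkim_domain: str   # d= of the DKIM signature that verified, if any


def evaluate_dmarc(record: str, result: AuthResult) -> str:
    """Return 'pass' if either SPF or DKIM passed AND is aligned with the From:
    domain; otherwise return the domain owner's policy (none/quarantine/reject)."""
    tags = parse_dmarc(record)
    spf_ok = result.spf_pass and aligned(result.spf_domain, result.from_domain, tags["aspf"])
    dkim_ok = result.dkim_pass and aligned(result.dkim_domain, result.from_domain, tags["adkim"])
    return "pass" if (spf_ok or dkim_ok) else tags["p"]


if __name__ == "__main__":
    # A spoof: SPF and DKIM both pass, but for the attacker's own domain, so
    # neither identifier aligns with the visible From: and the policy applies.
    spoof = AuthResult("example.com", True, "attacker.example", True, "attacker.example")
    print("spoofed message disposition:", evaluate_dmarc(SAMPLE_DMARC_RECORD, spoof))
```

The spoof case in the `__main__` block is the point of DMARC: SPF and DKIM can both pass for a domain the attacker controls, and it is only the alignment check against the From: header that exposes the mismatch and triggers the published policy.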
Safeguards for Control 9
1. Ensure Use of Only Fully Supported Browsers and Email Clients
Description: Ensure only fully supported browsers and email clients are allowed to execute in the enterprise. Use only the latest version of browsers and email clients.
This is a Security Bloggers Network syndicated blog from The State of Security authored by Andrew Swoboda. Read the original post at: https://www.tripwire.com/state-of-security/controls/cis-control-09/