Everyone, welcome back to the course. So in the last video, we took a look at control number four, which again is controlled use of administrative privileges.
In this video, we're going to talk through control number five, which is secure configuration for our hardware and software on mobile devices, laptops, workstations, as well as the servers.
So we're going to talk about what CIS Control five is, why it's important, as well as a brief overview of these sub controls.
So, as I mentioned, control number five is secure configuration for hardware and software on mobile devices, laptops, workstations and servers.
And really, the focus here is that, generally, with manufacturers, what they're doing is they're pushing out systems, they're pushing out software, and it's not necessarily intended to be secure, right? So they're pushing it out because they want to get it out there. But it's really usually designed insecure by default. So they're leaving, like, extra ports open and they're leaving known vulnerabilities in place.
Because their focus, again, is on ease of use, ease of deployment, right? Let's get it out there. Let people use it, let people buy it, so we're gonna bring more revenue into the company.
So you also find things like default admin credentials in place. So again, going back to what we talked about earlier, changing those default admin credentials, right, taking a look and seeing what ports are open that shouldn't be open.
So sub control 5.1, establishing secure configurations, right? So we just want to make sure that we have documented security configuration standards, so that if we bring in new operating systems, or we bring in updates, or we bring in new software to our company, do we have things in place that say we need to make sure that it's got this type of baseline in place, or we need to establish this type of baseline as soon as possible after implementation? So again, just make sure we've got that type of documentation, that framework in place.
Sub control 5.2, maintaining secure images. I'll actually share a story from health care, and I'll talk about this as well when we go over the sub controls a little more in depth and map them to the CSF. But I worked at a health care organization, and they had an intranet, and they had the links to the various downloads for the internal software they were using, right? But they didn't actually make sure those were secure images. And so what happened was some attackers got in, they altered those images and put malware in there. So every time the IT department would say, "Hey, we've got this new update on the software," and people would go to download it, it kept reinfecting all the systems across the network, right? It took a little time to figure that out. And so that's what I'm talking about here, maintaining secure images, so that we've got backups in place. You've got secure templates that people can go to, and they know that this is a trusted type of image that they can download to their remote system and get the software update that they need.
Sub control 5.3, securely storing those images. So again, kind of going back to having a secure image as well as storing the masters of those. So that way you can come back and put that new one out there, right? So, as an example of the health care organization, once they realized what was occurring, they did have securely stored master images that they could grab from and push out to the network.
Sub control 5.4, deploying system configuration management tools. It just makes your life a lot easier to push out those software updates, as well as when you're bringing in new software and trying to update that as well. So primarily, you'll see this with groups two and three. Not so much usually with a small business owner.
And then finally, we have sub control 5.5. That's where we're gonna implement an automated configuration monitoring system. So again, just verifying that all security configuration elements are approved, exceptions. Basically, we get alerted when any changes are made, when there are any unauthorized changes, excuse me. When we get any type of changes at all, that's where we want to be alerted to it. So that's why we need that configuration monitoring system in place. So primarily, again, you'll see this with groups two and three, because they've got the budget for this type of thing as well as dedicated resources for this.
So in this video, we just talked through control number five. So again, control number five is just secure configuration for our hardware and software on our mobile devices, laptops, workstations, et cetera, like servers.
In the next video, we're gonna talk through control number six, which is more about the maintenance, monitoring and analysis of our audit logs.