
RISK MANAGEMENT

Minimum Security Baselines

Essentials

A Minimum Security Baseline (MSB) is a minimum information security configuration standard, sometimes referred to as an organization’s internal “best practices.” MSBs can be applied to many areas within an organization, such as a router, switch, firewall, server or site. These configuration standards detail many important items such as security patch minimums, disabling unnecessary services, or determining the number of required physical locks and surveillance cameras.

Benefits

Unfortunately, many believe that throwing additional security technology at an area is the best preventative security “medicine.” However, applying standard information security configurations to hardware and software, as well as adding physical security measures, is fundamental in building a comprehensive and sustainable information security program. Minimum Security Baselines can also be integrated into the Internal Vulnerability Scan process. Many times, vulnerability scanners report vulnerabilities that the organization has already determined to be an acceptable risk. Minimum Security Baselines can be used to quickly eliminate these vulnerabilities from the list of findings in the scanner’s reports. This process may save the person in charge of the Internal Vulnerability Management process a significant amount of time.

Expertise

SecureState has experts in all facets of security, with many combined years of experience implementing and configuring hardware and software in a secure manner. We have not only helped many organizations build Minimum Security Baseline (MSB) templates, but have also automated the process of integrating MSBs into the organization.

Did You Know?

  • MSBs apply to systems, applications, network devices and even physical locations
  • MSBs should be reviewed annually to ensure they are current against new attacks
  • There are a number of free MSB templates available online. A common misconception is that you can simply download one of these MSB templates and apply it to your systems to secure them. In reality, this will most likely make the systems unusable and break the applications that run on them
  • MSBs need to be customized to your systems to ensure they do not break your systems or applications
  • MSBs should be created for operating systems, applications, databases and network devices deployed in your environment
  • Creating an MSB document is just one step in the process needed to gain the value and security advantages that MSBs have to offer

Our Approach and Methodology

SecureState takes a multiphase approach to developing and implementing MSBs. First, SecureState reviews existing MSBs or, if it is a new MSB, creates an initial draft. Next, SecureState collaborates with IT to create a final version of the MSB. Once a final version is created, the client’s IT organization implements the MSB in production; this also includes the base images used to create new systems. Once the MSBs are in production, it is critical to test and validate that they have in fact been applied correctly. Based on the testing, emerging threats and changes in the environment, the MSB will be improved. These improvements will then be funneled back into the existing MSB and the cycle outlined will be repeated. It is critical to repeat these steps on a regular basis to ensure MSBs stay current and relevant.

What Makes Us Different

  • MSBs are designed by experts in system hardening
  • MSBs are reviewed by our penetration testing team
