Endpoint System Compliance Scanning

You have a great firewall, and it provides you VPN tunnels, your users enjoy connecting to your critical information from their home computers or BYOD devices all day. So how were you crippled by Ransomware when you have EDR, IPS, IDS and every other security device running on your network? It is because you did…

Nist 800 -171 3.1.12

Monitor and control remote access sessions. This control is about how endpoints connect to your network and how you deal with them. The first way is to have a VPN (Virtual Private Network) encrypts access to your network and since you have limited access in previous controls to cut to authorized individuals, those people should…

NIST 800 -171 3.1.11

Terminate (automatically) a user session after a defined condition. The object of this control is to end a user session after a timeout period. This can be done again by using the GPO, Group Policy Object capabilities in windows. You can also leverage your other products that have timeout features to accomplish this goal. Most…

NIST 800 -171 3.1.10

Use session lock with pattern-hiding displays to prevent access/viewing of data after a period of inactivity. You can control when a screen saver will pop up with the Global Policies Object in windows. You will need to use GPO’s later so start getting used to setting up GPO’s for specific controls. You need to set…

NIST 800 -171 3.1.5

Employ the principle of least privilege, including for specific security functions and privileged accounts. What is the principle of least privilege? It is when you give a person’s account the bare minimum of permissions and capabilities they need to do their job. You basically lock their account down to the point that they can’t access…

Compliance risk man in the computer

NIST 800 -171 3.1.4

Separate the duties of individuals to reduce the risk of malevolent activity without collusion Malevolent Activity is when someone is trying to inflict harm on an entity like a person, government or company. Organizations must separate CUI handling and processing based tasks that employees work on in order to minimize the chance that they could…

NIST 800 – 171 3.1.3

3.1.3 Control the flow of CUI in accordance with approved authorizations CUI is Controlled Unclassified Information. This is the data that needs to be protected and you need to protect how it arrives, who has access to it, who might have access to where it is stored, how it is stored, etc. You need to…

NIST 800 – 171 3.1.2

Limit information system access to the types of transactions and functions that authorized users are permitted to execute. Once you have a domain and you have identified who will have access to the sensitive data, you will want to restrict access to those systems from any ordinary user or member of your network from accessing…