Center for Internet Security (CIS), a 501(c)(3) nonprofit, today
announced its collaboration with Microsoft
Corp. in developing a set of security resources that provide
organizations using Microsoft Windows 8, Windows Server 2012 and
Internet Explorer 10 with comprehensive guidance to help enhance the
configuration security of those deployments. CIS and Microsoft worked
with other security experts in government and industry to create these
consensus-based, best practice tools, which are available for free
through Microsoft's Security
Configuration Manager (SCM) and CIS's
secure configuration benchmarks.
The Microsoft SCM enables rapid configuration and management of
computers, traditional datacenter architectures and private cloud
environments using Group Policy and Microsoft System Center
CIS has issued secure configuration benchmarks for Windows
Server 2012 and Internet
Explorer 10. These benchmarks provide users guidance on the
security-focused configuration controls that should be applied for each
of the Microsoft technologies, specific procedures on how to implement
those recommendations, and audit procedures to then verify that those
controls were correctly implemented.
Consumers of Microsoft products can now confidently adopt a secure
configuration posture that incorporates the collective expertise of
industry experts and both CIS and Microsoft.
"Working closely with our technical communities, CIS members and other
partners to produce secure configuration best practices is one of CIS's
primary objectives," said Blake Frantz, CIS Director of Benchmark
Development. "We're excited to jointly pursue that objective with
Microsoft and provide our mutual communities consistent best practices
for securing the products they depend on."
"We're pleased to announce a security configuration baseline built with
consensus from Microsoft, government agencies around the world and the
Center for Internet Security," said Chase Carpenter, Product Unit
Manager, Microsoft Solution Accelerators for Security and Compliance.
"This effort marks the unification of several industry standards to help
simplify deployments and increase supportability of Microsoft
More information on security baselines can be found using Microsoft
Security Compliance Manager and is available at http://www.microsoft.com/scm.
More information on CIS secure configuration benchmarks is available at http://benchmarks.cisecurity.org.
About The Center for Internet Security
for Internet Security (CIS) is a 501(c)(3) not-for-profit
organization focused on enhancing the cyber security readiness and
response of public and private sector entities. Through its three
ISAC and Trusted
Purchasing Alliance-CIS serves as a central resource in the
development and delivery of high-quality, timely products and services
to assist our partners in government, academia, the private sector and
the general public in improving their cyber security posture. Visit CIS
online at http://www.cisecurity.org;
see our latest news at https://www.cisecurity.org/about/news-room/;
follow us on Twitter @CISecurity.
[ Back To NFVZone's Homepage ]