June 29, 2022
Your network's components are not all equally significant. A successful attack on one of your assets, allows for lateral movement, and if there are no obstacles in the road, the attacker's work is made much easier.
Separating networks and permitting just the necessary connections can help to secure your infrastructure. It helps with the containment of attacks, faster response in preventing the spread, and, at the absolute least, it can slow the threat actor, allowing you some more time to respond effectively, decreasing the risk on other network components.
There is an old saying in security that "you can't defend what you don't know you have," and knowing what constructs the infrastructure you have is a critical step in adopting adequate security measures.
One key source of the lack of visibility is the decentralised management of infrastructure, such as the increasing usage of cloud services, which has made it relatively easy to spin up 100 instances in minutes, resulting in, as previously said, a lack of visibility and control in some circumstances.
There are several techniques to ensure excellent asset management, and they are not necessarily limited to centralised administration; if your business structure necessitates dispersed management, then strong coordination and communication will ultimately work, and result in keeping you aware of what you have, knowing what it does, and how to protect it.
Various organisations have created a multitude of minimum security baselines that may be utilised. These baselines contain granular controls for the most prevalent technologies used by enterprises, such as Microsoft Windows operating systems, most web browsers, multiple Linux distros, and many more.
Organizations may use these baselines to harden their assets and improve their overall security, and because most businesses rely on Microsoft AD, implementing these baselines through GPO needs no financial investment in a new technology, making it a highly appealing step to take.
Secure operating environments are gold images that you can use to create and configure your new assets; this method, for example, streamlines the version of OS and the apps that all of your endpoints have.
Building the gold image and keeping it secure by patching and incorporating the bare minimum 3rd party application gives a strong basis for all your new assets, resulting in fewer vulnerabilities in every new asset that you generate.