When companies struggle with what to do and how to demonstrate their Cyber Security efforts many turn to ISO27001 & ISO27002. These frameworks are excellent for showing compliance but not well suited for prioritizing, measuring and implementing practical it-security initiatives. To that end you will need a consensus based framework - such as CIS 20 critical security controls® which include detailed practical and prioritized advice exactly on how to implement Cyber Security.
A well-maintained Asset Inventory Database is key in building a more comprehensive security program based on the CIS Critical Security Controls®. The first two controls, Inventory of Hardware Software Assets rely heavily on the Asset Inventory Database. As the CIS® Controls are prioritized, your efforts should be focused on the first 6 controls - also named the Cyber Hygiene Controls or Basic Controls. Lansweeper can be used to support additional controls but as the controls are most effective when implemented in order, we’ll focus on how Lansweeper can support your CIS® compliance for these first 6 controls below.
Achieving the necessary Cyber Security posture is a process that requires a technical know-how based on the analysis of which risks pose the greatest to the organizations business targets. Draware is a Danish software and security expertise company founded in 1995 with around 1.000 Danish and Nordic customers. Draware provides the expertise, software solutions and security projects based on the CIS® controls to bring your organization to a security posture that matches the risks that your business is facing.
Lansweeper will continously detect hardware assets on your network and report on the changes in hardware assets, as well as newly discovery devices. By implementing this a project where the first discovery leads to your authorized devices followed by a process where you either authorize or remove new devies that lansweeper automatically discoves, you will comply with the first CIS® control. Use Lansweepers Custom properties and grouping function to devide your hardware assets into specials groups such as "Most Critical Devices" and "Devices Related to PII".
Lansweeper will automatically discover the software (including version) on all you hardware assets given the right credentials. You must implement a process for removing unwanted software from your network thereby leaving only authorized software on the authorized devices. Lansweepers out-of-the-box reports will help you identify and mark software as Allowed, Denied and Neutral. Lansweeper’s deep Microsoft SQL identification and discovery will help you to identify, map and maintain databases with sensitive information and SQL versions that are EOL, OOS and thus do not support handling of PII.
Where software versions can be identified, vulnerability reports check if the software is not missing any security patches which could leave it exposed. Easily assess whether a particular software-related vulnerability has been addressed as Lansweeper continously publishes audit reports to address trending vulnerability issues such as BlueKeep, Zombieload, or SWAPGS. List the results in an Audit Report, a dashboard, or set up email alerts to reveive the report output straight into your inbox.
Maintain "the principle of least privilege" as Lansweeper tells you which users have Local Administrative Rights on an asset-by-asset basis. Capture all the unauthorized administrators and control who can manage your assets, highlight which users and which groups you need to "groom" to reduce admin privileges. Lansweeper’s integration with AD let's you audit individual administrative accounts and see detailed AD User information including account state and password audit data.
The CIS® Benchmarks help you implement secure software and hardware configurations. A substantial number of the recommendations such as Processes, Services, Shares, Registry settings, System settings and BitLocker status can be checked and reported on in Lansweeper. Check end of life Firmware versions for network devices and scan for the existance or absence of specific files and registry keys for complete CIS® benchmarking.
Utilize the wealth of event log information available to keep an eye on anything which might indicate a security risk. Although Lansweeper is not a fully-fletched log management system, it will automatically collect logs from Windows servers and desktops. Event logs can be selected by source and searched, reported and exported. Built-in error log and user logon reports help you identify inconsistencies on automatically-collected log information.