LANSWEEPER USE CASE
CIS 20 Critical Security Controls®
How to Achieve CIS® Compliance with Lansweeper
What Are the 20 CIS Critical Security Controls®?
When companies struggle with what to do and how to demonstrate their Cyber Security efforts many turn to ISO27001 & ISO27002. These frameworks are excellent for showing compliance but not well suited for prioritizing, measuring and implementing practical it-security initiatives. To that end you will need a consensus based framework - such as CIS 20 critical security controls® which include detailed practical and prioritized advice exactly on how to implement Cyber Security. The CIS® controls include detailed instructions on what to do, how to measure, how to prioritize and how to audit your Cyber Security posture.
Leveraging the IT Asset Inventory Database for CIS® Compliance.
A well-maintained Asset Inventory Database is key in building a more comprehensive security program based on the CIS Critical Security Controls®. The first two controls, Inventory of Hardware Software Assets rely heavily on the Asset Inventory Database. As the CIS® Controls are prioritized, your efforts should be focused on the first 6 controls - also named the Cyber Hygiene Controls or Basic Controls. Lansweeper can be used to support additional controls but as the controls are most effective when implemented in order, we’ll focus on how Lansweeper can support your CIS® compliance for these first 6 controls below
Start Leveraging Your IT Asset Inventory Baseline
Discover Assets You Don't Even Know About & Eliminate Network Blind Spots
CIS® CONTROL #1
Inventory & Control of Hardware Assets
Lansweeper will continously detect hardware assets on your network and report on the changes in hardware assets, as well as newly discovery devices. By implementing this a project where the first discovery leads to your authorized devices followed by a process where you either authorize or remove new devies that lansweeper automatically discoves, you will comply with the first CIS® control. Use Lansweepers Custom properties and grouping function to devide your hardware assets into specials groups such as "Most Critical Devices" and "Devices Related to PII".
CIS® CONTROL #2
Inventory & Control of Software Assets
Lansweeper will automatically discover the software (including version) on all you hardware assets given the right credentials. You must implement a process for removing unwanted software from your network thereby leaving only authorized software on the authorized devices. Lansweepers out-of-the-box reports will help you identify and mark software as Allowed, Denied and Neutral. Lansweeper’s deep Microsoft SQL identification and discovery will help you to identify, map and maintain databases with sensitive information and SQL versions that are EOL, OOS and thus do not support handling of PII.
CIS® CONTROL #3
Continuous Vulnerability Management
Where software versions can be identified, vulnerability reports check if the software is not missing any security patches which could leave it exposed. Easily assess whether a particular software-related vulnerability has been addressed as Lansweeper continously publishes audit reports to address trending vulnerability issues such as BlueKeep, Zombieload, or SWAPGS. List the results in an Audit Report, a dashboard, or set up email alerts to reveive the report output straight into your inbox.
CIS® CONTROL #4
Controlled Use of Administrative Privileges
Maintain "the principle of least privilege" as Lansweeper tells you which users have Local Administrative Rights on an asset-by-asset basis. Capture all the unauthorized administrators and control who can manage your assets, highlight which users and which groups you need to "groom" to reduce admin privileges. Lansweeper’s integration with AD let's you audit individual administrative accounts and see detailed AD User information including account state and password audit data.
CIS® CONTROL #5
Secure Configurations for Hard- and Software
The CIS® Benchmarks help you implement secure software and hardware configurations. A substantial number of the recommendations such as Processes, Services, Shares, Registry settings, System settings and BitLocker status can be checked and reported on in Lansweeper. Check end of life Firmware versions for network devices and scan for the existance or absence of specific files and registry keys for complete CIS® benchmarking.
CIS® CONTROL #6
Maintenance, Monitoring, and Analytics of Audit Logs
Utilize the wealth of event log information available to keep an eye on anything which might indicate a security risk. Although Lansweeper is not a fully-fletched log management system, it will automatically collect logs from Windows servers and desktops. Event logs can be selected by source and searched, reported and exported. Built-in error log and user logon reports help you identify inconsistencies on automatically-collected log information.