The Tool Every Organization Needs to Implement Secure Configurations Faster

BrandPost By CIS
Feb 03, 2021 | 4 mins
Security

Three Tips for Success Adopting and Using Security Benchmarks

Secure configurations are a key best practice for limiting an organization’s cyber vulnerabilities. Since systems don’t ship securely, it’s important to review and implement recommended guidance. Fortunately, organizations have access to a helpful implementation tool known as CIS Build Kits that can help with the process.

Configure Systems Securely with the CIS Benchmarks

The Center for Internet Security (CIS) has worked with a global community of cybersecurity experts for 20 years to identify, validate, and promote cybersecurity best practices.

The CIS Benchmarks are secure configuration guidelines covering 100+ technologies for 25+ product vendor families. They are the only consensus-based secure configuration guidelines both developed and accepted by government, business, and academia worldwide. CIS Benchmarks are referenced by other frameworks such as PCI DSS, FISMA, HIPAA, and more. The CIS Benchmarks security recommendations are released for free in PDF format to help every organization secure their systems and data.

Download CIS Benchmarks

No-cost guidance is also available for cloud technologies through the CIS Foundation Benchmarks.

CIS Build Kits – A Time Saving Implementation Tool

While these no-cost resources are great, it can be time-consuming and challenging to implement them manually from a PDF. This is why CIS Build Kits were developed. These automated tools give IT professionals both a rapid way to implement CIS Benchmark recommendations and confirmation that the implementation has been performed correctly.

CIS Build Kits are automated, efficient, repeatable, and scalable resources. They can be applied via the group policy management console in Windows, or through a shell script in Linux (Unix, *nix) environments. They can be tailored (customized) to an organization’s particular use case. Combined with the use of other CIS SecureSuite resources, Build Kits reduce the time to implement.

3 Tips for Using CIS Build Kits

Here are three of the most important tips for making sure you successfully use CIS Build Kits:

1. Scan and Review CIS Benchmark Recommendations 

Save time by using CIS-CAT Pro, a configuration assessment tool, to scan your environment. Once complete, review the results. This will help to identify any areas not configured to the CIS Benchmark, allow you to review the data, and help determine any potential impacts of implementing the settings. You can customize them as needed.

2. Use a Test Environment

Apply CIS Build Kits in a test environment first. Testing first helps you avoid any policy or performance conflicts by modifying the Build Kits to best fit your organization’s environment. See the ReadMe file within the Build Kit for system-specific instructions, as the way the kit is applied depends on the system involved.

3. Review Settings

Before deploying, review the settings once more using CIS-CAT Pro. Be sure to pay attention to the settings noted in each CIS Benchmark that must be applied manually, such as root or admin configurations.

Once you’ve completed these steps you’re ready to deploy in a live environment.

Sample Build Kits

Want to see what Build Kits have to offer? Try a sample CIS Build Kit today and see how easy it is to start secure and stay secure with CIS resources. These sample Build Kits contain a subset of the recommendations within the CIS Benchmark and are not intended to be fully implemented, but rather to provide you a snapshot of what to expect with the full CIS Build Kit. Samples include:

  • A sample CIS Build Kit for Microsoft Windows: Group Policy Objects (GPOs) engineered to work with most Microsoft Windows systems that rapidly apply select CIS Benchmark configuration settings to harden workstations, servers, and other Windows computing environments.
  • A sample CIS Build Kit for Linux: Custom script designed to harden a variety of Linux environments by applying secure CIS Benchmark configurations with a few simple clicks. The Linux Build Kit evaluates the entire CIS Benchmark and creates a log file that lists the recommendations that will require manual review/remediation.

Integrated Cybersecurity Tools and Resources

Complete CIS Build Kits are available to CIS SecureSuite Members as part of their Membership, and can be easily downloaded via CIS WorkBench. More than 50 Build Kits are currently available.

Membership includes access to full-format, machine-readable CIS Benchmarks, the CIS-CAT Pro configuration assessment tool with remote assessment capabilities, creation of custom configuration policy via CIS WorkBench, CIS CSAT Pro for assessing implementation of the CIS Controls, and more.

Already a CIS SecureSuite Member? Visit CIS WorkBench and access CIS Build Kits now.