The focus is often on defence against attacks from the internet. Companies invest large sums of money to optimise the detection and prevention of attacks. The most successful attacks of the past have one thing in common: they are based on the neglect of defence within the organisational boundaries. As soon as the first systems are infected, attackers try to spread laterally. In order to prevent the lateral spread to surrounding systems, the risk-based configuration of the individual systems is of crucial importance.
Operating systems often come with default configurations. For example, operating systems in the default configuration tend to be designed to be user-friendly and backwards compatible and thus also support obsolete and insecure technologies. According to the motto: “The main thing is that it runs”, even weak configurations that have been known for a long time are allowed.
Individualisation
A configuration check will answer the following questions, among others:
- Is strong encryption enforced?
- Are system events recorded appropriately?
- Do the users only have the necessary permissions?
- Are non-essential services deactivated?
We can answer these and many other questions by checking the configuration of your systems! In doing so, Swiss Infosec AG is guided by recognised standards and manufacturers’ best practice recommendations.
Your added value
The main aim is to highlight the attack surface for internal attacks and consolidate explicit recommendations for your company.
These are in particular:
- Reduction of lateral spreading possibilities
- Avoidance of unsafe technologies and protocols
- Increased traceability of events
You will receive these and other recommendations for improvement in a consolidated final report.