The Center for Internet Security Controls or #CISControls have become an industry standard to help businesses and organizations of all sizes to maintain an industry standard of #Cybersecurity controls.

The 153 #Safeguards, which are found in the 18 controls, are a foundation to protecting your technology and data. They are not rocket science and the majority you can start to implement today.

Follow along as I outline and simplify the safeguards as we work together and #SecureIT.

Safeguard 2.3 is the last safeguard in Control 2 that is required for all three Implementation Groups. How you address unauthorized software is up to you. You can choose to authorize it, remote it, or provide a documented exception and this should be reviewed at least Monthly.

Like Safeguards 2.1 and 2.2 this is not a huge ask and it should be something that is already part of your monthly processes. If it's not then time to create that policy and start documenting your software inventory to identify what is and what is not authorized.

While the easiest thing may be to say authorize all software, you and I both know that is not why we are in the #CyberSecurity field. Ensuring we know what we have to protect, and having the policies to back us up when we need it are critical to our success.

You have your Software Inventory including its business use case and you've ensured all of the software is currently supported. I would start with the process that all software install requests have to be supported by a ticket outlining what you have to inventory including the business use case. A manager can approve it or not.

Ensuring end users don't have install rights eliminate the possibility of Bob just downloading and installing that classic Napster or Limewire (yes I dated myself) application.

Now you think well then I have to connect in and install every time an update or this or that and that's more time then it's worth.

I'm going to call out CyberFOX and their #AutoElevate tool, which is a #PrivilegedAccessManagement #PAM tool that will audit User Access Controls (UAC) events to see what applications are being installed and updated, create rules based on UAC events, automate ticket requests, and remove the local admin rights to protect your users and data. If you are looking to comply with CIS Controls or any compliance standard, take a look at https://lnkd.in/g8CWFDe8

To check off Safeguard 2.3, all you have to have is the documentation on how you address unauthorized software, when its reviewed, and a library of the documented exceptions.

Join the Conversation - https://www.linkedin.com/posts/scottrdavispa_ciscontrols-cybersecurity-safeguards-activity-7070451518717505536-dCzT?utm_source=share&utm_medium=member_desktop