A Minimum Security Baseline (MSB) is a minimum information security configuration standard, sometimes referred to as an organization’s internal “best practices.” MSBs can be applied to many areas within an organization, including routers, switches, firewalls, servers, or a site. These configuration standards detail many important items such as security patch minimums, unnecessary services to disable, and the number of required physical locks and surveillance cameras.
Many believe that throwing more security technology at an area is the best security “medicine.” However, carefully applying standard information security configurations to hardware and software in addition to physical security measures will lead to a comprehensive and sustainable information security program.
NetSentries has experts in all facets of security, with many combined years of experience implementing and configuring hardware and software in a secure manner.
NetSentries uses a multiphase process for developing and implementing MSBs. First, NetSentries reviews any existing MSBs or creates an initial MSB draft. NetSentries then collaborates with the client’s IT department to create a final version of the MSB. Once a final version is created, the IT department implements the MSB, including new base images used to create new systems.
Once the MSBs are in place, NetSentries highly recommends testing the system by performing a Host Interrogation and Configuration Review, which can validate if the MSBs are being applied correctly. The MSB will be improved based on this review of emerging threats and changes in the environment.
Finally, NetSentries recommends the client create a program that continuously updates and improves the MSB. NetSentries can assist in setting up this program and establishing a repeating cycle for future updates. It is critical to repeat these steps on a regular basis to ensure MSBs stay current and relevant.