Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: System Hardening Standards

From: Jessica Odom <odom () LCLARK EDU>
Date: Mon, 14 Nov 2016 12:44:43 -0800
We use CIS (https://benchmarks.cisecurity.org/downloads/#free) and tweak to
our environment.  They provide a nice checklist and the technical detail of
how to perform the control, which is helpful since their standards our very
comprehensive.  We definitely cannot do everything they recommend and we
annotate that in our documentation, but it serves as a useful learning
exercise.  --Jess

On Mon, Nov 14, 2016 at 12:26 PM, Adam Maynard <AMaynard () clarku edu> wrote:


I'd be interested in that as well.

Right now I'm looking into CIS and/or NIST, then tweaking them to fix our
environment.


-Adam

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Justin Harwood
Sent: Monday, November 14, 2016 12:36 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] System Hardening Standards

Hello,

Can someone recommend what you have used in the EDU space for system
hardening standards that works well?

________________________________

This e-mail, including any attachments, is intended only for the
addressee's use and may contain confidential and proprietary information.
If you are not the intended recipient, you are hereby notified that any
retention, dissemination, reproduction, or use of the information contained
in this e-mail is strictly prohibited. If you have received this e-mail by
error, please delete it and immediately notify the sender. Thank you for
your cooperation.





-- 
Jessica Odom, CISSP, GIAC GLEG
Information Security Officer
Lewis & Clark | go.lclark.edu/it/security <http://go.lclark.edu/it>
Previous By Date Next
Previous By Thread Next

Current thread: