Security Baselines

A security baseline is a group of Microsoft-recommended configuration settings, together with an explanation of their security impact. Using an industry-standard configuration that is broadly known and well-tested, such as Microsoft security baselines, increases efficiency and reduces costs compared to creating one yourself. These settings are continually updated with feedback from Microsoft security engineering teams, product groups, partners, and real-world learning from thousands of customers. Microsoft security baselines provide intelligent recommendations that are relevant to the needs of your business, based on your IT infrastructure.

M365

CIS Microsoft M365 Foundations Benchmark – Provides prescriptive guidance for establishing a secure baseline configuration for the M365 ecosystem.

Azure

CIS Microsoft Azure Foundations Benchmark V1.0.0 – Provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. The scope of this benchmark is to establish the foundation level of security for anyone adopting Microsoft Azure Cloud.

Identity

MDM Security Baselines – Microsoft has years of experience publishing security baselines as Group Policy Objects in the Security and Compliance Toolkit (SCT). Customers have trusted this toolkit for years to provide templates to configure security baselines through Group Policy. Microsoft Intune now brings the same collective knowledge and expertise to secure the modern desktop with MDM security baselines.

Windows

Windows Security baselines – We recommend that you implement an industry-standard configuration that is broadly known and well-tested, such as Microsoft security baselines, as opposed to creating a baseline yourself. This helps increase flexibility and reduce costs.

Security Compliance Toolkit (SCT) – Includes tools to help admins manage their security baselines.

CIS Microsoft Benchmarks – CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.

STIGs (Security Technical Implementation Guides) – The Security Technical Implementation Guides (STIGs) are the configuration standards for DoD IA and IA-enabled devices/systems. Since 1998, DISA has played a critical role in enhancing the security posture of DoD’s security systems by providing the STIGs. The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.

GCHQ Windows 10 Security Guidance – National Cyber Security Centre guidance has been updated to cover the 1803 “April 2018 Update” of Windows 10 Enterprise. It builds on the previous Windows 10 ALPHA Mobile Device Management (MDM) guidance.

AUSC Windows 10 Hardening Guide – Australian Cyber Security Centre guidance. This document provides guidance on hardening workstations using Enterprise and Education editions of Microsoft Windows 10, version 1709. Some Group Policy settings used in this document may not be available or compatible with Professional, Home or S editions of Microsoft Windows 10, version 1709.