Microsoft and Tenable share tips for hardening the IT environment

Sicherheit (Pexels, allgemeine Nutzung)[German]Both Microsoft and the vendor Tenable have addressed the question of how to better protect corporate environments against cyberattacks and ransomware infections in blog posts. I have summarized the relevant information in the following post. 


Microsoft's advice on hardening the environment

In the blog post 7 ways to harden your environment against compromise, Microsoft not only links its Microsoft Compromise Recovery Security Practice (CRSP), but also provides seven tips for improving security. 

  1. Patch faster
  2. Actively protect devices
  3. Reduce attack surface from the Internet
  4. Reduce privileges for users
  5. Leverage the power of the cloud
  6. Reduce "technical debt"
  7. Look at your logs and respond to alerts

While these are generalities and the details can be read in the linked article. On the "patch faster" point (within 48 hours if possible), I had somethingwritten about that in the blog post Microsoft touts top-notch monthly Windows update efficiency. And regarding the smart advice from point 7 to look at the logs, I refer Exchange administrators to the following tweet.

Looks like Microsoft needs to start with itself and clean some things up.

Tenable hints as ransomware protection

I came across the following tweet from security provider Tenable, which suggests 6 steps that can protect against ransomware attacks. 


Tenable about Ransomware protection

This document provides the following six tips on what to do to protect against ransomware attacks.

  1. Scan frequently and all IT systems for signs of ransomware
  2. Harden and specially protect Active Directory (AD) against attacks
  3. Reduce privileges of users in the IT environment
  4. Prioritize, because you can't patch everything
  5. Eliminate vulnerabilities in IT – but completely
  6. Measure the measures via appropriate metrics

Details on the individual punctures can be found in the linked document.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *