Ensuring that Computers Comply with Quality Security Standards
Introduction
Computer security is an essential aspect of information technology, considering the impacts of data breaches and cyberattacks. Always a new organization would, therefore, establish a quality mechanism of assessing the compliance of its computer systems to well-defined computer standards. The company would also establish a malware security operation that would occasionally scan the computers of possible viruses and any malware. Well-structured procedures would guide the users of the right ways to use Microsoft Security Compliance Toolkit (SCT) for evaluating the compliance of the systems to standard security baselines. The procedures would also include the process of using OpenVas techniques to scan devices for vulnerabilities.
Microsoft Security Compliance Toolkit and OpenVas Systems
Microsoft security baselines are frameworks that provide users with a benchmark to evaluate the security of their systems against quality security settings and updated security features (Lakshmi, 2019). Always Fresh organization would configure their platforms according to the directories provided by Microsoft’s controls. It would, therefore, be more comfortable with gauging the security of computer systems against a well-established security level. When a user would like to upgrade an operating system, they would also update the baselines to ensure full coverage of the extended functions. The company would also deploy the capabilities supported by OpenVas systems to scan using methods such as the network vulnerability test.
When conducting a network vulnerability test, the system administrator uses plugins developed in Nessus Attack Scripting Language (NASL). A typical OpenVas server consists of tens of thousands of NASL files that are vulnerability checks for scanning items in a computer system (Aksu, Bıçakçı & Altuncu, 2019). The security policy would include a detailed procedure that ensures that computers remain secure of advanced and existing malware and viruses. The procedure given below provides a reliable process for guiding users of the appropriate security measures to undertake.
Ensuring that Computer Systems Comply with Quality Security Standards
The system administrator of the company needs to establish a procedure and provide it to all the users and employees to exercise when using their computers.
- The user should access the OpenVas application at the Linux Penetrating Testing distributions or any other approved provider that offer pre-installed and pre-configured tools, run the apt install, and run the configure script.
- Ensure that the OpenVas scanner is running and access the login screen to initiate the operation of the application.
- Access the OpenVas log files where would evaluate the behavior of various platforms.
- Using the original configuration file or the default settings, check the current running configuration, and if changes are required, make them appropriately.
- Open the OpenVas update system to rebuild the existing security software.
- Ensure that you scan the computer systems appropriately. Users would quickly scan the computers at least once a day, every day, and conduct full scans three times a week.
- OpenVas software enables the conduction of network vulnerability tests (NVT) for its plugins to help in troubleshooting an NVT that is not working. Users need to adhere to the quick checks and debugging to eliminate errors.
- They would also update client and server certificates every time the system delivers updates.
This procedure would ensure that the system does not have weaknesses that would expose the computer systems to unnecessary cyberattacks (Korovessis, Furnell, Papadaki & Haskell-Dowland, 2017). The system is then subjected to the Microsoft security compliance toolkit that enables system administrators to download, analyze, test, edit, and store security configuration baselines for windows and other Microsoft products as recommended by the provider. The users would periodically access the computer systems to keep them secure through the following procedure.
- Compare the current Group Policy Object (GPO) with the Microsoft-recommended GPO baselines.
- Edit and store the current GPO in a GPO backup file format and deploy them extensively through the Active Directory, or explicitly through the local policy.
- Ensure that the security baselines remain audited to ensure effectiveness in performance.
- Confirm if the configuration is correctly applied.
- Evaluate the existing security settings to eliminate unnecessary modifications of the security settings brought by changes in the environment.
- Map particular checks for various cybersecurity frameworks and standards and develop an efficient record of scan history to assess the effectiveness of compliance actions.
References
Aksu, M. U., Bıçakçı, K., & Altuncu, E. (2019). A First Look at the Usability of OpenVAS
Vulnerability Scanner. In Workshop on Usable Security (USEC) 2019. NDSS.
Korovessis, P., Furnell, S., Papadaki, M., & Haskell-Dowland, P. (2017). A toolkit approach to
information security awareness and education. Journal of Cybersecurity Education, Research and Practice, 2017(2), 5.
Lakshmi, V. (2019). Beginning Security with Microsoft Technologies: Protecting Office 365,
Devices and Data. Apress.