SAMMY UI is optimized for resolutions with a width 1024px and higher.
CIS Critical Security Controls
Browse CIS Critical...
4,1: Establish and Maintain a Secure Configuration Process
4,2: Establish and Maintain a Secure Configuration Process for Network Infrastructure
4,3: Configure Automatic Session Locking on Enterprise Assets
4,4: Implement and Manage a Firewall on Servers
4,5: Implement and Manage a Firewall on End-User Devices
4,6: Securely Manage Enterprise Assets and Software
4,7: Manage Default Accounts on Enterprise Assets and Software
4,8: Uninstall or Disable Unnecessary Services on Enterprise Assets and Software
4,9: Configure Trusted DNS Servers on Enterprise Assets
4,10: Enforce Automatic Device Lockout on Portable End-User Devices
4,11: Enforce Remote Wipe Capability on Portable End-User Devices
4,12: Separate Enterprise Workspaces on Mobile End-User Devices
Securely Manage Enterprise Assets and Software
4,6: Securely Manage Enterprise Assets and Software
Policy defined
Not applicable - Not applicable
None - None
Informal - Informal
Partially written - Partially written
Written - Written
Approved and communicated - Approved and communicated
Control implemented
Not applicable - Not applicable
Not implemented - Not implemented
Parts of policy implemented - Parts of policy implemented
Implemented on some systems - Implemented on some systems
Implemented on most systems - Implemented on most systems
Implemented on all systems - Implemented on all systems
Control automated
Not applicable - Not applicable
Not automated - Not automated
Parts of policy automated - Parts of policy automated
Automated on some systems - Automated on some systems
Automated on most systems - Automated on most systems
Automated on all systems - Automated on all systems
Control reported
Not applicable - Not applicable
Not reported - Not reported
Parts of policy reported - Parts of policy reported
Reported on some systems - Reported on some systems
Reported on most systems - Reported on most systems
Reported on all systems - Reported on all systems
Description

Securely manage enterprise assets and software. Example implementations include managing configuration through version-controlled-infrastructure-as-code and accessing administrative interfaces over secure network protocols, such as Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). Do not use insecure management protocols, such as Telnet (Teletype Network) and HTTP, unless operationally essential.