Security Baseline
Security Baseline cho Windows
| Category | Details |
|---|---|
| System Updates | - Enable automatic updates. - Install latest security patches. |
| Antivirus/Anti-malware | - Install and update Windows Defender. - Install and update Microsoft Sentinel. |
| Firewall | - Enable and configure Windows Firewall. - Set up rules to allow necessary applications. |
| Account Management | - Disable default Administrator account. - Use strong passwords. - Use standard accounts for daily tasks. |
| Disk Encryption | - Enable BitLocker for disk encryption. |
| Security Settings | - Configure lock screen timeout. - Disable unnecessary services. |
| Group Policy | - Use Group Policy to manage security settings. - Limit application installations. - Enforce password policies. - Configure audit policies. |
| Windows Domain | - Join computers to Windows Domain for centralized management. |
| Login with Google | - Configure Google Credential Provider for Windows (GCPW) for login with Google accounts. |
Security Baseline cho Mac
| Category | Details |
|---|---|
| System Updates | - Enable automatic updates. - Install latest security patches. |
| Antivirus/Anti-malware | - Install and update antivirus software (e.g., Malwarebytes). |
| Firewall | - Enable and configure macOS Firewall. - Set up rules to block unwanted connections. |
| Account Management | - Set strong passwords. - Disable admin account if unnecessary. - Use standard accounts for daily tasks. |
| Disk Encryption | - Enable FileVault for disk encryption. |
| Security Settings | - Configure lock screen timeout. - Disable unnecessary services. |
| Application Control | - Use Gatekeeper to control app installations. |
| Management Tools | - Install and configure Jamf Pro for device management. - Install and configure Jamf Connect for authentication. - Install and configure Jamf Protect for security monitoring. |
Security Baseline cho Ubuntu
| Category | Details |
|---|---|
| System Updates | - Run apt-get update and apt-get upgrade regularly.- Install latest security patches. |
| Antivirus/Anti-malware | - Install and update antivirus software (e.g., ClamAV). |
| Firewall | - Enable and configure UFW. - Set up rules to block unwanted connections. |
| Account Management | - Disable root account and use sudo.- Use strong passwords. - Use standard accounts for daily tasks. |
| Disk Encryption | - Use LUKS for disk encryption. |
| Security Settings | - Configure lock screen timeout. - Disable unnecessary services. |
| Application Control | - Enable and configure AppArmor to restrict application permissions. |