Australia aims to be the world leader in cyber security by 2030 using the Australian Cyber Security Strategy that was released on 22 November 2023. With the cost of cybercrime on Australian businesses growing by up to 14% per annum, the Cyber Security Strategy seeks to improve cyber security, manage cyber risks and better support citizens and Australian businesses to manage their cyber environment by using six cyber shields and actions to be taken.

In February 2022, the Center for Internet Security (CIS) released the Microsoft Windows Server 2022 Benchmark v1.0.0, which includes over 50 new features, Group Policy Objects (GPOs), capabilities, and services. The document compares Server 2019 and Server 2022 for their similarities and differences, as well as Windows 11 and Windows 10.

IIS hardening can be a time-consuming and challenging process. PowerShell can help you achieve hardened IIS security settings to some extent, but it still requires hours of testing to ensure that nothing is broken. CSS by CalCom can automate the IIS hardening process with its unique ability to “Learn” your network, eliminating the need for lab testing while ensuring zero outages to your production environment.

System hardening involves identifying and addressing security vulnerabilities across hardware, firmware, software, applications, passwords, and processes. Compatibility allows most applications to work smoothly, but securing a system requires additional steps known as system hardening best practices, which are crucial for protection against advanced threats. Microsoft emphasizes server security and provides comprehensive hardening techniques and best practices tailored to various platforms.

Hardened Baseline Configuration is a crucial aspect of system security for cybersecurity experts and the risk management teams. The secure baseline configuration represents a set of security controls that have been carefully selected and implemented to provide a robust general level of system hardening. There isn’t a one-size-fits-all solution, and specific configurations will vary depending on the type of system (server, desktop, etc.), role and its intended use.

Windows Remote Desktop Service(RDS) in Microsoft Windows allows users to control a remote computer or virtual machine over a network using the Remote Desktop Protocol (RDP). To secure this access, it’s crucial to implement strong passwords to prevent brute force attacks and unauthorized access.

Best practices for mitigating various attack vectors are changing depending on the environment and server functionality. CIS baselines cover most of the relevant scenarios by addressing the first stage of your Hardening Windows Server project. CIS Benchmarks -What are They and How to Use Them Microsoft has been doing some work related to default security configuration, but there is still a big gap between security best practices (i.e. common benchmarks) and the default Windows configuration.

System hardening is the process of configuring a system to a more secure state. Many technology solutions are not securely configured by default, so system administrators must harden systems while retaining their desired functionality. Thankfully, system administrators do not have to figure out system hardening on their own. Instead, they can reference security benchmarks which describe recommended secure configurations for a system.

Server hardening is a process that secures, essentially “hardening” a server infrastructure reducing the attack surface, which encompasses all potential entry points that unauthorized attackers could exploit. The objective is to enhance protection, minimize vulnerability and improve security posture. Achieving security and compliance requires implementing server hardening as an essential prerequisite. Server hardening is a proactive process that involves.

The Windows Local Administrator Password Solution ( Windows LAPS) is a built-in Windows feature designed to seamlessly handle and safeguard the password for a local administrator account on devices joined to either Microsoft Enterprise or Windows Server Active Directory domains. Additionally, Windows LAPS can be utilized to automatically manage and secure the Directory Services Restore Mode (DSRM) account password on Windows Server Active Directory domain controllers.