This page is under construction
The information provided below may not be complete or fully tested. Take care when following draft instructions.
IT providers should consider using management tools for endpoints, mobile devices, and servers (Casper for Mac and SCCM for Windows) to centralize the deployment and installation of security software and controls across the environment.
To further protect their systems, providers should stay informed of available operating system patches so that their systems are up to date with the latest security fixes. Performing regular vulnerability scans will help identify critical vulnerabilities in the OS and in third-party software applications installed on those systems. This information should be incorporated into a regular patch and vulnerability management cycle.
- For more information on how to classify and secure your data, see Information Protection @ MIT.
- IS&T's Microsoft SCCM Service
- IS&T's SCCM Software Center
- System Center Configuration Manager (SCCM) Landing Page
Vulnerabilities are weaknesses or flaws in hardware or software that malicious users can exploit to steal information, gain unauthorized access or privileges, manipulate system activity, or cause damage to assets. Depending on their damage potential, vulnerabilities are rated on a scale from low to critical. Several online databases, including https://nvd.nist.gov/, keep track of all discovered and reported vulnerabilities and the corrective actions users should take to fix the weaknesses. It is a best practice to prioritize the remediation of critical- and high-rated vulnerabilities.
- Identify the hosts/IP addresses within your area of responsibility by completing an inventory. See the KB here.
- Contact the security team to schedule a vulnerability scan for your systems.
- The security team uses a tool called Tenable Nessus Security Center to run vulnerability scans. See: https://itss-wiki.mit.edu/wiki/index.php/SecurityCenter
- These scans can be scheduled to run at any time but are usually planned for off hours.
- Once the scans are complete, the security team can provide you with a report showing which systems have vulnerabilities and how serious those vulnerabilities are, to help identify high-priority items that should be remediated/patched. The reports also provide information on how to remediate (what to configure/patch) and links to industry write-ups of the vulnerabilities and the patches to be applied.
- Implement the remediations and establish a regular patching cycle to keep systems up to date. Stay aware of critical vulnerability notices by subscribing to a vulnerability feed.
Search for the vulnerability at kb.cert.org and implement the recommended solution.
Subsequent vulnerability scans should show fewer vulnerabilities as they are remediated.
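The triage step described above can be scripted once two scan reports are available. The following is an added example, not part of the original page or of any IS&T or Tenable tooling: it ranks critical and high findings for patching, lists what was remediated since the previous scan, and cross-checks the report against the host inventory. The CSV column names (`host`, `severity`, `finding`), the addresses, and the findings are constructed assumptions, not the SecurityCenter export format.

```python
import csv
import io

SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed sample data: documentation-range addresses and made-up findings.
INVENTORY = {"192.0.2.10", "192.0.2.11", "192.0.2.12"}
PREVIOUS_SCAN = """host,severity,finding
192.0.2.10,Critical,Outdated OS build
192.0.2.10,Medium,Weak TLS configuration
192.0.2.11,High,Unpatched third-party application
"""
CURRENT_SCAN = """host,severity,finding
192.0.2.10,Medium,Weak TLS configuration
192.0.2.11,High,Unpatched third-party application
192.0.2.11,Low,Banner discloses version
"""


def load(report_text):
    """Parse a CSV report into a set of (host, severity, finding) tuples."""
    rows = csv.DictReader(io.StringIO(report_text))
    return {(r["host"].strip(), r["severity"].strip().lower(), r["finding"].strip())
            for r in rows}


def triage(inventory, previous_text, current_text):
    """Compare two scans and the inventory; return the lists a patch cycle needs."""
    previous, current = load(previous_text), load(current_text)
    reported_hosts = {f[0] for f in current}
    # Unknown severity labels sort after "low" instead of raising an error.
    ranked = sorted(current, key=lambda f: (SEVERITY_ORDER.get(f[1], 99), f[0], f[2]))
    return {
        "patch_first": [f for f in ranked if f[1] in ("critical", "high")],
        "remediated": sorted(previous - current),
        "new": sorted(current - previous),
        # Inventory hosts absent from the report: either clean or never scanned.
        "no_findings_or_unscanned": sorted(inventory - reported_hosts),
        # Hosts in the report that the inventory does not know about.
        "not_in_inventory": sorted(reported_hosts - inventory),
    }


if __name__ == "__main__":
    for section, items in triage(INVENTORY, PREVIOUS_SCAN, CURRENT_SCAN).items():
        print(section, items)
```

A host listed under `no_findings_or_unscanned` should be checked against the scan scope before it is treated as clean.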
- SecurityCenter Wiki
- Center for Internet Security for Continuous Vulnerability Management
- SANS Whitepaper on Implementing a Vulnerability Management Process
- National Vulnerability Database
- Frequently Asked Questions about Scanning of Publicly-facing Folders on IS&T-supported File Storage Systems