Security Considerations in Application Deployment

Importance of Security

• Security is essential for every component of an application.
• Best practices must be used for security settings.
• Security settings include:
  • Operating systems
  • Network devices
  • Application components

Security Measures

• Firewall Settings: Ensure the application is secure.
• Patch Levels: Applications and operating systems should be up-to-date.
• Security Baselines: Must be deployed with each application instance.

Security Baseline Management

• Regular Checks: Continuously verify security baselines are in place.
  • Address any deviations promptly.
• Creation of Security Baselines:
  • Manufacturers provide foundational security baselines.
  • Modify and adapt to organization needs.

Sources for Security Baselines

• Application Developers: Provide baselines for app-specific and file permissions.
• OS Manufacturers: Offer security baselines, e.g., Microsoft.
• Appliance Manufacturers: May provide additional security settings.

Challenges

• Complexity: Many settings to configure, e.g., Windows 10 has over 3,000 group policy settings.
• Security Compliance Toolkit (SCT): Provided by Microsoft for Windows OS and Server.

Deployment of Security Settings

• Central Console Deployment: e.g., Using Microsoft SCT.
• Additional Applications/Processes:
  • Active Directory Group Policy
  • Mobile Device Management (MDM)
• Automation: Essential for large-scale deployments.

Maintenance of Security Baselines

• Updates:
  • New vulnerabilities or OS/application updates necessitate changes.
• Conflicts:
  • Different manufacturer baselines may conflict.
  • Testing and auditing are essential.

Conclusion

• Security baselines generally follow best practices and seldom change.
• Periodic updates and audits ensure continued security.