Crowdstrike Outage Cybersecurity

Recently, a faulty update from CrowdStrike caused a worldwide technical outage. The outage mostly impacted Windows systems. CrowdStrike confirmed this was a technical issue and not a cybersecurity attack. However, we should be aware of how cybercriminals will use this outage to their advantage.

Read More

YALE-MSS-5.1: Utilize an industry-standard secure configuration method

Standards Group:
YALE-MSS-5: Software Security

YALE-MSS-5.1: Utilize an industry-standard secure configuration method 

Low Risk Endpoint Not Required Moderate Risk Endpoint Not Required High Risk Endpoint Required for PCI Low Risk Server Not Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Not Required High Risk Mobile Device Not Required Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Not Required

Details

Review the secure configuration standard and make risk-based decisions when choosing not to apply specific controls. Document your decisions and review them regularly.

There are secure configuration standards available for most IT Systems. This includes hardware, software, and firmware. 

Yale requires you to implement an industry-standard secure configuration method. When applicable, the CIS (Center for Internet Security) Benchmarks are Yale's preferred standard.  For more information on the CIS benchmarks, visit: https://www.cisecurity.org/cis-benchmarks/

An industry-standard secure configuration method aids the implementation of security best practices. Use an industry-standard configuration method tailored to your hardware, software, or firmware. This ensures you are meeting security best practices for your IT System. 

Controls