IA Guidance
The Information Assurance (IA) at the National Security Agency provides security solution guidance based upon our unique and deep understanding of risks, vulnerabilities, mitigations, and threats. This information can be utilized to harden and defend network and system infrastructure, while providing for a sustained presence.
-
From section:
Security Tips
Cloud Security Basics
Cloud services provide enterprise organizations flexibility and new capabilities, however they introduce new risks that must be understood and addressed before procuring a cloud service provider (CSP). Department of Defense (DoD) organizations are charged with handling sensitive data ranging from Personally Identifiable Information (PII) to national security information. As more sensitive data is considered for storage and manipulation in cloud...
29 August 2018 2 page(s) pdf
-
From section:
Security Tips
Windows 10 for Enterprises Security Benefits of Timely Adoption
This document describes features present in Windows 10 Enterprise 64-bit that can
disrupt exploitation techniques and tools used against National Security Systems today
and how the timely adoption of new releases can help to protect systems in the future.
The functionality of many of these features has been evaluated through the National
Information Assurance Partnership (NIAP).06 April 2018 2 page(s) pdf
-
From section:
Security Tips
UNFETTER
Unfetter is bringing Net Defenders and Threat Analysts together for the first time. Net Defenders need the ability to make operational decisions based on complex threat data published by Threat Analysts.
A unique platform that unifies the Net Defender and Threat Analyst communities, Unfetter breaks down barriers through seamless data sharing across the enterprise.
By enabling the...29 March 2018 2 page(s) pdf
-
From section:
Security Tips
NSA's Top Ten Cybersecurity Mitigation Strategies
NSA’s Top Ten Mitigation Strategies counter a broad range of exploitation techniques used by Advanced Persistent Threat (APT) actors. NSA’s mitigations set priorities for enterprise organizations and required measures to prevent mission impact. The mitigations also build upon the NIST Cybersecurity Framework functions to manage cybersecurity risk and promote a defense-in-depth security posture. The mitigation strategies are ranked by effectiveness...
05 March 2018 2 page(s) pdf
-
From section:
Security Tips
UEFI Advantages Over Legacy Mode
Device vendors have redefined the interface between the OS and platform firmware. The interface, defined in various UEFI specifications, replaces the older Basic Input/Output System (BIOS). Old BIOS computers need to be replaced, and newer UEFI computers should switch to UEFI native mode for several technical advantages: Secure Boot; GUID Partition Table (GPT) Support; Platform and Architecture Independence; Consistent Variables...
07 February 2018 2 page(s) pdf
-
From section:
Security Tips
UEFI Lockdown Quick Guidance
Unified Extensible Firmware Interface (UEFI) provides multiple levels of password-based boot control. Three password levels are used to interact with machine firmware prior to the operating system boot. Failure to secure these accounts can open machines up to unauthorized, undesired, and repudiated boot device changes, device/component firmware configuration changes, and unauthorized connectivity to peripheral devices.
25 January 2018 1 page(s) pdf
-
From section:
Security Tips
Advanced Concepts - Information Assurance Solutions at the Speed of Technology
With the accelerating pace of innovation and the convergence of new technologies such as the Internet of Things (IoT), it is increasingly difficult to manage growing IA risk. With security sometimes underinvested when bringing technologies quickly to market, potential IA vulnerabilities can be exploited at alarming rates, globally impacting civilian entities, government entities, and organizations across all industries.
13 June 2017 2 page(s) pdf
-
From section:
Security Tips
Privileged Access Management
Privileged Access Management (PAM) solutions protect and track the use of sensitive or critical capabilities such as administrative or service accounts. PAM solutions provide a centralized management interface for authentication and access control throughout the network. This unification provides simplified device management as well as an improved, granular least privilege2 implementation. In some cases, access controls and management functions can...
25 April 2017 2 page(s) pdf
-
From section:
Security Tips
Least Privilege
The least privilege principle is the practice of restricting capabilities to only those who require them. On information systems, these capabilities may include: The ability to access or log into machines or services; The ability to access resources such as files or data; The ability to install, update, or execute programs, processes, or applications; The ability to add or remove...
10 April 2017 2 page(s) pdf
-
From section:
Security Tips
Overview of Software Defined Networking (SDN) Risks
Software Defined Networking (SDN) is an emerging technology, defined by the Open Network Foundation (ONF) as "the physical separation of the network control plane from the forwarding plane, and where the control plane controls several devices." While SDN offers new capabilities, it also introduces new risks. This document provides technical background, an overview of risks, and guidance for decision makers...
23 February 2017 2 page(s) pdf
Top