This repository contains CIS Benchmark policies for Microsoft Intune which are intendeded to be leveraged as a starting point to Windows hardening, and is not intended to be deployed as-is. It is highly recommended to review these policies before deploying to your organization.
| Benchmark | Version | Published | Reference |
|---|---|---|---|
| Microsoft Intune for Windows 11 | 3.0.1 | 4-20-2024 | https://www.cisecurity.org/benchmark/intune |
| Microsoft Intune for Windows 10 | 3.0.1 | Under Development | https://www.cisecurity.org/benchmark/intune |
| Microsoft Intune for Office | 1.0.0 | Under Development | https://www.cisecurity.org/benchmark/intune |
| Microsoft Edge | 2.0.0 | 4-20-2024 | https://www.cisecurity.org/benchmark/microsoft_internet_explorer |
| Google Chrome | 3.0.0 | Under Development | https://www.cisecurity.org/benchmark/google_chrome |
| Mozilla Firefox 102 ESR | 1.0.0 | Under Development | https://www.cisecurity.org/benchmark/mozilla_firefox |
| Mozilla Firefox 38 ESR | 1.0.0 | Under Development | https://www.cisecurity.org/benchmark/mozilla_firefox |
| Mozilla Firefox 24 ESR | 1.0.0 | Under Development | https://www.cisecurity.org/benchmark/mozilla_firefox |
The Center for Internet Security (CIS) Benchmarks for Windows provide a set of best practices and security configuration guidelines that are designed to safeguard Windows operating systems against a wide range of threats. These benchmarks are widely respected in the industry for several reasons:
-
Comprehensive Security Guidelines: CIS Benchmarks offer detailed guidance on the best security settings for Windows operating systems, including both server and desktop versions.
-
Industry Expertise: The CIS Benchmarks are developed by consensus among cybersecurity professionals and incorporate feedback from a variety of stakeholders, including cybersecurity experts, software vendors, and end-users. This collaborative approach ensures that the benchmarks are both practical and effective.
-
Regulatory Compliance: Many regulatory frameworks and standards (like HIPAA, PCI DSS, and NIST) recommend or require certain security practices that are often covered by the CIS Benchmarks. By adhering to these benchmarks, organizations can ensure they meet compliance requirements and reduce the risk of penalties associated with non-compliance.
-
Baseline Standardization: The benchmarks serve as a valuable baseline for configuring Windows systems securely. They help in standardizing security settings across devices and systems within an organization, which simplifies management and reduces the risk of misconfigurations that could lead to security breaches.
-
Mitigation Against Threats: By following the recommendations in the CIS Benchmarks, organizations can significantly mitigate various cybersecurity risks, including malware infections, unauthorized access, and data breaches. The benchmarks are updated regularly to address emerging threats and vulnerabilities.