#cybersecurity | hacker #cybersecurity | #hackerspace | Understanding Policies: System Preferences Control / Restrict Control Panel

Author: National Cyber Security Category: Greg's Blog


Source: National Cyber Security – Produced By Gregory Evans

By Zach DeMeyer Posted December 21, 2019

JumpCloud®Policies are the Directory-as-a-Service® analogue to the popular Group Policy Objects (GPOs) of Active Directory®, leveraged across all three major operating systems (Windows®, Mac®, Linux®) from the cloud. Using Policies, admins can automate much of their system security management. The System Preferences Control and Restrict Control Panel Policies help admins promote a zero trust security model in their organization.

What the System Preferences Control and Restrict Control Panel Policies Enforce

The System Preferences Control Policy for Mac and Restrict Control Panel Policy for Windows let admins block end users from making changes to their system settings. By using the policies, admins control which specific setting preferences their users can edit.

macOS System Preferences Window
WIndows Control Panel
Windows Control Panel

Using the JumpCloud system agent, each policy relies on native system settings to lock down their respective control windows. When the policies are activated, only the workstation’s local admin or the organization’s sysadmin can unlock the control window and make setting changes.

Why Leverage These Policies?

Although most settings are fairly innocuous, some of them critically affect a system’s operation. They also control the behavior of stored data like network attributes, file backups, disk encryption, etc. If a bad actor succeeds in compromising a system, they can do even more damage if they have access to these kinds of settings.

In some cases, a bad actor can arise from within an organization. If granted access to system settings, the insider can reap sensitive organizational data right under an admin’s nose. That’s where zero trust security comes in. 

Under a zero trust security model, IT organizations operate by the concept that any person or system can present a risk to the operations of a business and shouldn’t be trusted inherently. This doesn’t preclude employees within an organization, meaning that all system activity and network access should be monitored with the utmost vigilance and restricted as neccessary.

By limiting a user’s capabilities to adjust the settings on their workstations, admins uphold their preset system (Read more…)

Source link

The post #cybersecurity | #hackerspace |<p> Understanding Policies: System Preferences Control / Restrict Control Panel <p> appeared first on National Cyber Security.



Source link