Security and Configuration Overview
Executive Summary
This document defines the minimum security baseline and operational standards required to protect Windows-based infrastructure, applications, and virtualization platforms from unauthorized access, misconfiguration, and operational risk.
The baseline establishes consistent controls across operating systems, identity services, web platforms, networks, and hypervisors, with a focus on least privilege, secure configuration, attack surface reduction, monitoring, and recoverability.
Key objectives include:
- Enforcing patching, malware protection, disk encryption, and secure access controls
- Hardening Windows Server, Active Directory, IIS, and RDP configurations
- Disabling legacy protocols and unnecessary services
- Centralizing logging and enabling proactive monitoring
- Securing network traffic through segmentation and firewall enforcement
- Ensuring resilient, monitored, and recoverable virtualization platforms
Adherence to this baseline is mandatory for all supported environments and provides an auditable foundation aligned with industry-recognized security frameworks and best practices.
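As an added illustration of what "auditable" means in practice (this script is not part of the original baseline document), the read-only PowerShell check below reports the state of several controls named in the objectives above on the local Windows Server: BitLocker, Defender, SMBv1, RDP Network Level Authentication, Windows Firewall profiles, patch age and Windows Event Forwarding. It changes nothing. The 45-day patch threshold, the 3-day signature-age threshold and the choice of WEF as the central log collector are assumptions for the example, not requirements stated by the page. Run it from an elevated session on Windows Server 2016 or later with the BitLocker, Defender, SmbShare and NetSecurity modules present.

```powershell
# Added example, not the baseline's own tooling. Read-only checks against
# controls listed in the executive summary. Thresholds and the WEF
# collector choice are assumptions for illustration.

$results = [System.Collections.Generic.List[object]]::new()

function Add-Check {
    param([string]$Control, [bool]$Compliant, [string]$Detail)
    $results.Add([pscustomobject]@{ Control = $Control; Compliant = $Compliant; Detail = $Detail })
}

# 1. Disk encryption: every OS and data volume fully encrypted with protection on.
try {
    $vols = Get-BitLockerVolume | Where-Object { $_.VolumeType -in 'OperatingSystem', 'Data' }
    $bad  = @($vols | Where-Object { $_.ProtectionStatus -ne 'On' -or $_.VolumeStatus -ne 'FullyEncrypted' })
    $detail = ($vols | ForEach-Object { "$($_.MountPoint)=$($_.ProtectionStatus)/$($_.VolumeStatus)" }) -join '; '
    Add-Check 'BitLocker' ($bad.Count -eq 0) $detail
} catch { Add-Check 'BitLocker' $false "BitLocker cmdlets unavailable: $($_.Exception.Message)" }

# 2. Malware protection: real-time protection on and signatures no older than 3 days (assumed threshold).
try {
    $mp = Get-MpComputerStatus
    $ok = $mp.RealTimeProtectionEnabled -and ($mp.AntivirusSignatureAge -le 3)
    Add-Check 'Defender' $ok "RealTime=$($mp.RealTimeProtectionEnabled) SignatureAgeDays=$($mp.AntivirusSignatureAge)"
} catch { Add-Check 'Defender' $false "Defender cmdlets unavailable: $($_.Exception.Message)" }

# 3. Legacy protocols: SMBv1 must be disabled on the server side.
$smb = Get-SmbServerConfiguration
Add-Check 'SMBv1 disabled' (-not $smb.EnableSMB1Protocol) "EnableSMB1Protocol=$($smb.EnableSMB1Protocol)"

# 4. RDP hardening: Network Level Authentication required (UserAuthentication = 1).
$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$nla = (Get-ItemProperty -Path $rdpKey -Name UserAuthentication).UserAuthentication
Add-Check 'RDP NLA' ($nla -eq 1) "UserAuthentication=$nla"

# 5. Firewall enforcement: Domain, Private and Public profiles enabled with inbound default Block.
$profiles = Get-NetFirewallProfile
$badProfiles = @($profiles | Where-Object { $_.Enabled -ne 'True' -or $_.DefaultInboundAction -ne 'Block' })
$fwDetail = ($profiles | ForEach-Object { "$($_.Name):Enabled=$($_.Enabled),Inbound=$($_.DefaultInboundAction)" }) -join '; '
Add-Check 'Firewall profiles' ($badProfiles.Count -eq 0) $fwDetail

# 6. Patching: most recent hotfix installed within 45 days (assumed threshold).
$lastFix = Get-HotFix | Where-Object { $_.InstalledOn } | Sort-Object InstalledOn -Descending | Select-Object -First 1
$ageDays = if ($lastFix) { (New-TimeSpan -Start $lastFix.InstalledOn -End (Get-Date)).Days } else { [int]::MaxValue }
Add-Check 'Patching' ($ageDays -le 45) "LastHotfix=$($lastFix.HotFixID) AgeDays=$ageDays"

# 7. Centralized logging: a Windows Event Forwarding SubscriptionManager policy is present
#    (assumption: WEF is the chosen collector; replace with your agent's check if not).
$wefKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\EventForwarding\SubscriptionManager'
$wef = Get-ItemProperty -Path $wefKey -ErrorAction SilentlyContinue
Add-Check 'Event forwarding' ($null -ne $wef) $(if ($wef) { 'SubscriptionManager policy configured' } else { 'No WEF SubscriptionManager policy' })

$results | Format-Table -AutoSize
$failed = @($results | Where-Object { -not $_.Compliant }).Count
exit $failed
```

The exit code equals the number of failed checks, so the script can be run by a scheduled task or configuration-management job and a non-zero result treated as a baseline deviation to ticket; each row's Detail column carries the observed value, which is what an auditor will ask to see.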
ISO/IEC 27001 Alignment Overview
This security baseline is designed to support alignment with ISO/IEC 27001 information security principles and Annex A controls (numbering follows the 2022 edition, in which A.5 holds the organizational controls and A.8 the technological controls). While this document alone does not constitute ISO 27001 certification, it directly supports compliance readiness by addressing key control domains, including:
- Information Security Policies (A.5): Defined, documented, and enforced security standards
- Access Control (A.5, A.8): Least privilege, MFA, privileged account management, and role separation
- Cryptography (A.8): Encryption at rest (BitLocker) and in transit (TLS hardening, LDAPS)
- Operations Security (A.8): Patch management, malware protection, logging, monitoring, and system hardening
- Communications Security (A.8): Network segmentation, firewall controls, and secure DNS configuration
- System Acquisition, Development, and Maintenance (A.8): Secure configuration of IIS, third-party dependencies, and application platforms
- Supplier & Platform Dependencies (A.5, A.8): Controlled use and patching of third-party software
- Information Security Incident Management (A.5): Centralized logging and audit readiness
- Business Continuity & Disaster Recovery (A.5, A.8): Backup strategies, redundancy, and infrastructure documentation
This baseline can be used as a technical control reference when mapping organizational policies, risk assessments, and Statements of Applicability (SoA) for ISO 27001 programs.