When we procure a system or software, we often leave the default settings as setup by the vendor. That might not always be good for security. One of the most important components of any systems security work is the development of a consistent security configuration with a sensibile baseline security. Once this is achieved, it greatly increases the overall organisation’s system security.
Baseline security is an increasingly important task in today’s data breach era we are living in. It is also an extremely helpful in responding to a potential incident. With that in mind, this is a good source of information. http://www.cisecurity.org. Commonly companies focus on adopting a somewhat rigid security configuration but they fail to appreciate that system configuration drifts and changes over time. A system that does not change will inevitably become less secure over time, as security updates are not applied.