
Beyond the Basics – CIS Benchmarks and Advanced Password Security


In this part of the Senteon and CIS Webinar Series, Ray Feldman of LastPass continued to highlight the power of aligning CIS Benchmarks with advanced password management to create a robust, holistic defense for Microsoft Edge browsers. Password security is not just a minor aspect of your overall defense; it’s the front line, and without proper configurations and policies, it leaves the door open for cyber threats.


Building More Than Just Password Storage

During the session, Feldman made it clear that LastPass is far more than a basic password manager. With over 130 admin policies, LastPass extends into comprehensive management of access, user behavior, and login tracking. These capabilities allow administrators to see where password management flaws exist, such as weak password strength or repeated password reuse.

Feldman underscored that many businesses rely on browser-based password managers without fully realizing the security risks. While Microsoft Edge’s built-in password manager offers convenience, it lacks the encryption and audit capabilities of an enterprise-grade solution like LastPass. He pointed out that enabling CIS Benchmark settings in Microsoft Edge disables these vulnerable built-in features, making LastPass an essential tool to fill the gap.


Going Beyond the Basics with CIS Benchmarks

CIS Benchmarks provide the groundwork for security configuration hardening, but Feldman noted that businesses often don’t take full advantage of these guidelines. The manual configuration of browsers like Microsoft Edge is a complex process, but CIS offers detailed instructions for settings that can reduce your attack surface.

For instance, turning off password-saving features and enabling Microsoft Defender SmartScreen are essential, yet often overlooked, steps. As businesses follow these benchmarks, they must also ensure that password management is being handled correctly through solutions like LastPass. The synergy between properly configured browsers and password management creates a layered security approach that mitigates threats before they happen.
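A drift check for the two settings named above, as an added example that is not from the webinar or from Senteon, CIS or LastPass. It assumes the Microsoft Edge policy value names `PasswordManagerEnabled` and `SmartScreenEnabled` under `HKLM\SOFTWARE\Policies\Microsoft\Edge` (neither appears on this page) and runs over a constructed sample of `reg query` output.

```python
import re

# Expected values for the two settings named above. The value names are
# Microsoft Edge policy names (an assumption of this example, not from the page).
BASELINE = {
    "PasswordManagerEnabled": 0,  # browser password saving turned off
    "SmartScreenEnabled": 1,      # Microsoft Defender SmartScreen turned on
}

# Constructed sample of the output of:
#   reg query "HKLM\SOFTWARE\Policies\Microsoft\Edge"
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge
    PasswordManagerEnabled    REG_DWORD    0x1
    HomepageLocation    REG_SZ    https://intranet.example
"""

_DWORD_LINE = re.compile(r"^\s+(\S+)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$")


def parse_reg_query(text):
    """Return {value_name: int} for every REG_DWORD line in reg query output."""
    values = {}
    for line in text.splitlines():
        m = _DWORD_LINE.match(line)
        if m:
            values[m.group(1)] = int(m.group(2), 16)
    return values


def find_drift(text, baseline=BASELINE):
    """List (policy, expected, actual) for settings that differ from baseline.

    An absent policy is reported with actual=None: an unset policy falls back
    to the browser default or the user's choice, so it is not enforced.
    """
    actual = parse_reg_query(text)
    return [
        (name, want, actual.get(name))
        for name, want in sorted(baseline.items())
        if actual.get(name) != want
    ]


if __name__ == "__main__":
    for name, want, got in find_drift(SAMPLE_REG_QUERY):
        state = "not configured" if got is None else f"set to {got}"
        print(f"DRIFT {name}: expected {want}, {state}")
```

Run on a schedule against each endpoint's exported policy key, an empty result means both settings are still enforced; anything else is drift to remediate.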


Leveraging LastPass’s Granular Control Policies

Another key point from the webinar was the need for granular control over password policies. Feldman explained how LastPass integrates with frameworks like CIS to provide detailed control over user behavior. Whether you need to enforce multi-factor authentication (MFA) or prevent users from accessing certain websites or applications, LastPass offers robust policy management to make sure your security configurations are both enforceable and scalable.

With features like password vault auditing and login behavior tracking, LastPass doesn’t just store passwords; it provides actionable insights into how they’re being used (or misused) across the organization. These tools are critical for maintaining IT security compliance and regulatory standards like GDPR and PCI-DSS.


The Role of Microsoft Defender SmartScreen in Password Security

As Feldman highlighted in the webinar, Microsoft Defender SmartScreen plays a crucial role in browser security hardening. But what does this mean in practice? Once enabled, SmartScreen blocks access to malicious websites, prevents users from downloading risky files, and helps businesses enforce CIS recommendations for secure browsing.

The conversation brought to light how LastPass complements Microsoft Defender by adding a critical layer of password protection. While SmartScreen works to keep users safe from external threats, LastPass focuses on securing credentials from within the organization, allowing administrators to track password strength, login attempts, and security configuration drift.


Looking Ahead: Scaling Security for Growth

As organizations grow, managing security at scale becomes more complex. Feldman shared insights into how LastPass and Senteon are helping businesses scale their security solutions without increasing operational burdens. Through automated security configuration and real-time monitoring, businesses can keep track of their compliance status and security posture, even as their infrastructure expands.

In the next episode, we’ll explore how to further customize browser security settings and address common security gaps that arise from group policy limitations and manual configuration drift.


