CIS Benchmarks and the Secret to Browser Security Hardening

When it comes to safeguarding browsers like Microsoft Edge, secure configurations are just the beginning. In the second installment of our CIS Benchmarks webinar series, Ray Feldman, Strategic Alliance Manager at LastPass, took us through the ins and outs of how CIS Benchmarks not only set the foundation for browser security hardening but also align perfectly with password management best practices.

Feldman kicked off by discussing why configurations matter more than ever. While businesses may focus on endpoint security or network defenses, they often overlook the browser, a critical entry point for cyber threats. This episode made it clear—Microsoft Edge needs to be configured with care, and LastPass plays a crucial role in hardening this often-vulnerable part of your digital ecosystem.

Configuring Microsoft Edge Using CIS Benchmarks

As Feldman explained, CIS Benchmarks offer a step-by-step guide to ensure your browser is configured for maximum security. This episode homed in on key configurations that businesses can implement today. For example, by disabling Edge’s built-in password manager and enabling Microsoft Defender SmartScreen, companies create a much stronger security posture.

The discussion highlighted that one of the most-requested security settings from clients is the ability to disable password-saving functionality in the browser. This is where LastPass becomes a game changer. Businesses no longer need to rely on vulnerable built-in browser features; they can turn to LastPass for secure, cross-platform password management.


From Password Storage to Password Management

The reality of password management in 2024 goes beyond simple storage. Feldman broke down why LastPass is more than just a password manager. With over 130 customizable admin policies, LastPass Enterprise offers solutions for every scenario—from securing multi-factor authentication (MFA) to monitoring failed login attempts and password reuse across multiple platforms.

Password managers built into browsers like Edge may offer convenience, but they open the door to a host of vulnerabilities. In contrast, LastPass provides true encryption, cross-platform access, and the ability to audit user behavior—critical features for maintaining compliance with CIS Controls and GDPR.


Microsoft Defender SmartScreen: The Guardian of Browser Security

Feldman also touched on Microsoft Defender SmartScreen, a feature that is often misunderstood but essential for browser security. Once enabled, SmartScreen acts as an additional line of defense by filtering out phishing attempts, blocking access to malicious websites, and preventing users from downloading suspicious files.

In the context of CIS Benchmarks, Microsoft Defender SmartScreen plays an integral role in ensuring that your configurations are foolproof. Even if a user clicks on a questionable link or tries to bypass security prompts, SmartScreen steps in, ensuring that browser security gaps are closed before they can be exploited.
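The settings discussed above (built-in password saving off, SmartScreen on, warning bypass blocked) can be checked on a Windows endpoint with a short audit. This is an added example, not code from the webinar, Senteon, or LastPass. The three names are Microsoft Edge policy names; the choice of these three, their expected values, and the function name `Test-EdgeHardening` are assumptions made here to match what the post describes, and only machine-wide (HKLM) policy is checked.

```powershell
# Added example: audit Edge machine policy for the settings named in this post.
# Assumption: mandatory Edge policies are delivered under this HKLM key.
$EdgePolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'

# Assumed baseline for this example (policy name = required DWORD value).
$Expected = [ordered]@{
    PasswordManagerEnabled           = 0   # built-in password saving disabled
    SmartScreenEnabled               = 1   # Microsoft Defender SmartScreen enabled
    PreventSmartScreenPromptOverride = 1   # users cannot click through site warnings
}

function Test-EdgeHardening {
    param(
        [string]$Key = $EdgePolicyKey,
        [System.Collections.IDictionary]$Baseline = $Expected
    )
    # A missing key means no machine-wide Edge policy is applied at all.
    $props = $null
    if (Test-Path -LiteralPath $Key) {
        $props = Get-ItemProperty -LiteralPath $Key
    }

    foreach ($name in $Baseline.Keys) {
        $actual = $null
        if ($props -and ($props.PSObject.Properties.Name -contains $name)) {
            $actual = $props.$name
        }
        # An unset policy leaves the choice to the user, so it is reported
        # separately from a value that is set but wrong.
        if ($null -eq $actual) {
            $state = 'NotConfigured'
        } elseif ($actual -eq $Baseline[$name]) {
            $state = 'Pass'
        } else {
            $state = 'Fail'
        }
        [pscustomobject]@{
            Policy   = $name
            Expected = $Baseline[$name]
            Actual   = $actual
            State    = $state
        }
    }
}

$results = @(Test-EdgeHardening)
$results | Format-Table -AutoSize
# Non-zero exit lets a scheduled task or RMM job flag configuration drift.
if (@($results | Where-Object State -ne 'Pass').Count -gt 0) { exit 1 }
```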


Password Management and Secure Configurations: A Holistic Approach

What became abundantly clear from this episode is that password management and secure configurations must work together. Feldman shared that businesses often focus on one and neglect the other, but the real power comes from layering these defenses. With LastPass handling password management and CIS Benchmarks guiding browser configurations, companies can secure their browsers, protect their sensitive data, and mitigate security configuration drift.

The synergy between Senteon’s security configuration platform and LastPass’s password management system gives organizations a proactive, multi-layered defense strategy. As Feldman puts it, password management is foundational, but it needs to be integrated into a broader security framework, which includes well-configured browsers.


Looking Ahead: How to Elevate Your Security Practices

Next week, we’ll delve into additional browser settings and the IT security best practices that every business should implement. From manual configuration issues to advanced browser settings that you may not know about, we’ll explore how proactive security can prevent endpoint security gaps and reduce risk.


Call to Action:

To catch the full conversation with Ray Feldman, watch the episode here, and don’t forget to register for future webinars at this link.

If you’re ready to evaluate your own security settings and generate free internal and external reports with Senteon, sign up with the comment “settings webinar” here.
