What is the German IT baseline protection (IT-Grundschutz)?

April 21, 2023April 17, 2023 by Fabian Niesen

IT Security, Cyber Security, image on the topic of IT security that features a lock at the center of the image as a central symbol for protection and security. Surround the lock with circuitry and electronic components in the background to establish a connection to the digital world and technology.

The German IT-Grundschutz forms the basis for IT security in Germany and is internationally recognised. This is a collection of recommendations that help IT systems to be protected against security threats. In this blog article, I would like to take a closer look at the origin, international acceptance and structure of the German IT-Grundschutz.

German Federal Office for Information Security (German BSI) security recommendations for Windows 10

June 24, 2021June 22, 2021 by Fabian Niesen

The German Federal Office for Information Security (BSI) has published new documents on Microsoft Windows 10 and how to secure it. I looked at the BSI security recommendations for Windows 10 before I wanted to report on them. The background to this is that in the past, publications in this direction were sometimes more than outdated when they were published or they were very superficial.

The Windows 10 Sandbox

July 1, 2021March 10, 2021 by Fabian Niesen

The Microsoft Windows 10 Sandbox is a new security feature in Windows 10 Pro and Enterprise. The idea behind it is to try something out in a safe “sandbox”. For example, installing a potentially insecure application.

Let’s get started with the sandbox game….

Administrative Templates in Intune (Version 2101)

July 1, 2021March 1, 2021 by Fabian Niesen

In October 2019, I had already published a list of administrative templates. After that time, I thought I should update it.

“Domain Controller Enforcement mode” will be activated as of 9 February 2021

January 18, 2021 by Fabian Niesen

With the security update of 11 August 2020, Microsoft has addressed a security vulnerability (CVE-2020-1472). This has not yet been closed automatically, as compatibility problems may occur. How to close the vulnerability beforehand is explained in KB article 455722.

Microsoft identified a critical vulnerability and closed it via the Microsoft Store

June 24, 2021July 3, 2020 by Fabian Niesen

I have already addressed the question of the correct handling of the Microsoft Store several times, for example in the article “Windows 10 and the Microsoft Store“. Now it is all more important that the IT departments deal with the topic again.

Setting up Office 365 – Part 2

June 24, 2021March 9, 2020 by Fabian Niesen

This article is part of my migration from my old Office 365 to my new Microsoft 365 Tenant. It is also about setting up Office 365, the other Microsoft 365 topics will follow later. I also have written this article intentionally so that it can also be used for setup outside of a migration scenario. Part 1 was about choosing the right edition, setting up the account and configuring the domains and DNS.

Website monitoring with PRTG

June 24, 2021January 23, 2020 by Fabian Niesen

This time an article slightly outside the Microsoft world. This time there is an excursion into monitoring and the monitoring of web servers under Linux. Some know this, nothing is worse than when the website you want to visit is not reachable. Since this happened to me 2 times in 2 days, the web server has hung up and I could not find the error, something had to be done.

Ignite day 2 – Modern Management recap

November 6, 2019 by Fabian Niesen

Computergenerierter Alternativtext: Microsoft Intune Configuration Manager Other Endpoint Management Tools Integrated solution for IT admins to understand and take action across all endpoints in their estate Microsoft Endpoint Manager Status and alerts

Today was day 2 of the Microsoft Ignite in Orlando. Today I was in the focus in sessions about modern management on the move. That means, for example, Microsoft Intune, but especially the newly announced function of the “Microsoft Endpoint Manager”.

Local Administrator Password Solution (LAPS)

June 21, 2021April 19, 2017 by Fabian Niesen

In the past, a company-specific standard was usually always used for local administrator passwords. But what do you do if an employee who knows the default password leaves the company?

Right, it should be changed. In the past, Group Policies (GPO) were often used for this, even if the password was in clear text in SysVol. This was fortunately stopped by Microsoft. What other solutions are available? In practice I have seen VBS or PowerShell scripts, the good ones have random passwords, the bad ones only a standard.

But isn’t there a well designed solution from Microsoft? Yes, there is, Local Administrator Password Solution (LAPS).