Hello, Guest!


NSA, CISA Issue Baseboard Management Controller Cybersecurity Guidance

Systems security

NSA, CISA Issue Baseboard Management Controller Cybersecurity Guidance

The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released the “Harden Baseboard Management Controllers” cybersecurity information sheet to help baseboard management controllers protect their systems from cyberthreats.

According to the agencies, BMCs are prone to a variety of cyberthreats, including security solutions shutdown, data manipulation and malware infection. The damage could significantly impact an organization’s ability to remotely access network configuration and management resources because a BMC’s capabilities persist even if the server is shut down.

The recommendations in the guidance include imposing more secure BMC credentials and configurations, monitoring BMC integrity and establishing virtual network separation, NSA said.

The guidance follows the NSA’s release of a zero trust cybersecurity information sheet in March for identity, credential and access management. The Advancing Zero Trust Maturity Throughout the User Pillar guidance highlights how a mature zero trust architecture would help protect ICAM systems and includes recommendations on how to limit potential damages to systems.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Category: Cybersecurity

Tags: baseboard management controllers cybersecurity Cybersecurity and Infrastructure Security Agency cybersecurity information sheet Harden Baseboard Management Controllers National Security Agency