Ensure all endpoints are using the latest version of the appropriate operating system and don’t use unsupported versions. Patch endpoint operating systems to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.
NinjaOne automates patching for Windows, Mac, and Linux endpoints. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Ninja gives full control over patch approval, rejection, and deployment by patch category and criticality.
Ninja also gives full visibility into patching activity, including failures, to ensure you can effectively report on patch compliance.
Ensure the use of the latest versions of applications. Patch applications (e.g. Flash, Java, Chrome, Microsoft Ofﬁce, etc) to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.
NinjaOne automates patching for over one hundred fourty common applications. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Patches for unsupported applications can also be deployed via custom script and remote access tools.
Ninja also gives full visibility into patching activitiy, including failures, to ensure you can effectively report on patch compliance.
Require backup of important new / changed data, software and conﬁguration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
NinjaOne provides a fully-integrated data protection solution built for server and endpoint workﬂows. Data can be stored locally, in the cloud, or both to ensure your data protection needs are met. Users get full control over retention policies, allowing for three months or longer data retention.
Restrict Administrative Privileges
Restrict privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
Ninja supports least privileged access through:
Require MFA for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
NinjaOne requires multifactor authentication for access to the management console and related capabilites either via Ninja’s built-in MFA or via SSO through integrated IDPs.
Ninja also requires MFA to complete security-critical actions like managing users or deploying scripts.
Ninja can also be used to automate the deployment of agent-based IDP solutions to enforce MFA on endpoints.
User Application Hardening
Conﬁgure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Ofﬁce (e.g. OLE), web browsers and PDF viewers.
NinjaOne supports user application hardening via:
Microsoft Ofﬁce Macro Settings
Conﬁgure settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certiﬁcate.
NinjaOne supports disabling Microsoft Ofﬁce macros via: