Illinois Personal Information Protection Act

Premier Cooperative Information Security Policy

 

Frameworks

STIG MAC 1 - Classified (v2r2)

Windows 10

87%  87%

__________________________________________

Server 2019/2022

80%  80%

__________________________________________

Internet Explorer 11

100%  100%

__________________________________________

Windows Defender

100%  100%

__________________________________________

Adobe Acrobat Reader

     Clients

79%  79%

     Servers

100%  100%

__________________________________________

Microsoft Edge

     Clients

85%  85%

     Servers

100%  100%

__________________________________________

Google Chrome

     Clients

90%  90%

     Servers

100%  100%

__________________________________________

Windows Firewall 

100%  100%

______________________________________________________________________

CIS Level 2 + NG (v1.12.0)

Windows 10

88%  88%

__________________________________________

Server 2022 Member Server/Domain Controller

96%  96%

__________________________________________

Microsoft Office 2016/2019

89%  89%

______________________________________________________________________

Internet Explorer 11

     Clients

88%  88%

     Servers

100%  100%

______________________________________________________________________

Microsoft Edge

     Clients

77%  77%

     Servers

100%  100%

______________________________________________________________________

Google Chrome

     Clients

82%  82%

     Servers

100%  100%

______________________________________________________________________

SCuBA M365 Security Baseline (Automated Checks Only)

82%  82%

__________________________________________

Binding Operational Directives

______________________________________________________________________

 

More Info:

Definitions

STIG MAC 1 - "Systems that handle information that is vital to either the operational readiness or mission effectiveness of deployed and contingency forces in terms of both content and timeliness. The loss of integrity or availability of a MAC I system is unacceptable and could include the immediate and sustained loss of mission effectiveness. Mission Assurance Category I systems require the most stringent protection measures."

CIS Level 2 - "Level 2 benchmark profiles are intended for high-security environments and require more coordination and planning to implement with minimal business disruption."

SCuBA M365 Baseline - "The Secure Cloud Business Applications (SCuBA) project provides guidance and capabilities to secure agencies’ cloud business application environments and protect federal information that is created, accessed, shared and stored in those environments. 

Binding Operational Directive - A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. 44 U.S.C. § 3552(b)(1). Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives.