{"id":8788,"date":"2024-05-08T09:24:59","date_gmt":"2024-05-08T07:24:59","guid":{"rendered":"https:\/\/www.teal-consulting.de\/2024\/05\/08\/gpos-und-systemhaertung\/"},"modified":"2024-06-17T10:13:22","modified_gmt":"2024-06-17T08:13:22","slug":"gpos-and-system-hardening","status":"publish","type":"post","link":"https:\/\/www.teal-consulting.de\/en\/2024\/05\/08\/gpos-and-system-hardening\/","title":{"rendered":"GPOs put to the test: Why group policies are not enough for professional system hardening"},"content":{"rendered":"<div class=\"wpb-content-wrapper\">[vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text][\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]We are often asked why we do not carry out system hardening using Group Policies or Group Policy Objects. The simple answer is that it is extremely inefficient and leads to unsatisfactory results. In this article, we explain why this is the case.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>A guest article from our partner: <a href=\"https:\/\/www.fb-pro.com\/\" target=\"_blank\" rel=\"noopener\">FB Pro GmbH<\/a><\/strong>[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>Group policies: Effective and essential<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]Group Policy Objects (GPO), known as group policies in German, marked a significant advance when they were introduced around 25 years ago. They enable administrators to implement a consistent configuration on remote or distributed systems in a minimum of time.<\/p>\n<p>Creating effective group policies was relatively straightforward when they were first introduced. To this day, GPOs remain a common and widely used tool for distributing and maintaining configurations. Nevertheless, it is becoming increasingly clear that Group Policy Objects lack important functions or do not focus on them.<\/p>\n<p>Microsoft itself, for example, emphasizes <a href=\"https:\/\/learn.microsoft.com\/en-us\/archive\/blogs\/ashleymcglone\/compare-group-policy-gpo-and-powershell-desired-state-configuration-dsc#group-policy-vs-powershell-dsc\" target=\"_blank\" rel=\"noopener\">in an article<\/a> the advantages that newer technologies such as PowerShell DSC offer over GPOs.[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>Can system hardening be carried out using GPOs?<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]Yes, in principle, GPOs can technically be used to distribute system configurations and corresponding hardening settings.<\/p>\n<p>For example, you can follow the <a href=\"https:\/\/www.bsi.bund.de\/DE\/Service-Navi\/Presse\/Pressemitteilungen\/Presse2021\/210503_SiSyPHuS.html\" target=\"_blank\" rel=\"noopener\">BSI&#8217;s SiSyPHuS guidelines<\/a> by downloading <a href=\"https:\/\/www.bsi.bund.de\/DE\/Service-Navi\/Publikationen\/Studien\/SiSyPHuS_Win10\/AP12\/SiSyPHuS_AP12_node.html\" target=\"_blank\" rel=\"noopener\">the recommended group policy objects for hardening Windows 10<\/a>. Hardening configurations can then be transferred to the target systems on the basis of GPOs. The Center for Internet Security (CIS) also offers group policy-based configuration sets.<\/p>\n<p>However, there are weighty arguments against implementation via GPO:<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>The use of group policies is associated with a high level of manual configuration and documentation effort, both initially and on an ongoing basis.<\/li>\n<li>Systems that are not integrated into the domain must be handled separately, as GPOs managed centrally in the Active Directory are not applicable here. This includes DMZ or OT environments, for example.<\/li>\n<li>Linux-based systems also require separate consideration.<\/li>\n<li>The hardening requirements of organizations such as the BSI and CIS often exceed the technical possibilities that can be implemented with standard GPOs.<\/li>\n<li>For an adequate implementation, additional technical configuration methods such as PowerShell must be used or own ADMX templates must be developed, which significantly increases the complexity and documentation effort.<\/li>\n<li>GPO settings do not always reach the target systems. With hundreds of servers or clients, it is necessary to check whether the settings have been applied correctly.<\/li>\n<li>OU structures often contain historically outdated computer objects, which makes an initial clean-up necessary &#8211; especially as there are no recovery options.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]In a world where cyber threats are constantly evolving, the question arises as to whether it is still appropriate to rely on \u201crigid\u201d group policies in IT security. As mentioned at the beginning, there is a lack of crucial functionalities for effective Security Configuration Management (SCM)![\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>Secure system configuration with group policies: The pros and cons<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]In the table below, we summarize what we consider to be the most important plus and minus points of system hardening using GPOs:<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8776 lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal.png\" alt=\"\" width=\"529\" height=\"608\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal.png 2181w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-261x300.png 261w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-891x1024.png 891w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-768x883.png 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-1336x1536.png 1336w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-1782x2048.png 1782w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal-700x805.png 700w\" data-sizes=\"(max-width: 529px) 100vw, 529px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 529px; --smush-placeholder-aspect-ratio: 529\/608;\" \/><\/p>\n<p>In other words: System hardening using Active Directory and group policies forms a monolithic approach that requires extensive manual work. A challenge that overloaded IT departments often find difficult to overcome.[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>How can sustainable system hardening be achieved?<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]If you only have a few systems to administer, for example a few workstations and servers, hardening via GPO may be fine. The effort required for implementation, monitoring and adjustments is considerable, but feasible with a well-staffed IT team.<\/p>\n<p>However, in extensive IT landscapes, comprehensive and sustainable system hardening that covers all facets of security configuration management at a high level is not feasible with GPOs &#8211; at least not without a disproportionate amount of effort.<\/p>\n<p>The only sensible solution for this is automation! To date, there are hardly any professional solutions on the market for automating system hardening. One exception: <a href=\"https:\/\/aktionen.teal-consulting.de\/en\/enforce-administrator\/\" target=\"_blank\" rel=\"noopener\">the Enforce Administrator<\/a>.<\/p>\n<p>This tool enables hardening to be carried out independently, based on proven and current standards &#8211; for example from Microsoft, BSI, CIS and DISA.<\/p>\n<p>Enforce Administrator also offers a systems management and audit system to monitor the compliance status. Regular \u201cself-healing\u201d according to the defined configurations is also part of the solution.[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>Group policies vs. Enforce Administrator<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]What are the strengths ofGPOs? And in which areas does the Enforce Administrator score points? You can find the answers here:<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8782 lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2.png\" alt=\"\" width=\"529\" height=\"619\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2.png 2181w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-256x300.png 256w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-875x1024.png 875w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-768x899.png 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-1313x1536.png 1313w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-1750x2048.png 1750w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2024\/05\/gpo-hardening-blog-teal_2-700x819.png 700w\" data-sizes=\"(max-width: 529px) 100vw, 529px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 529px; --smush-placeholder-aspect-ratio: 529\/619;\" \/>[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;50&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h2>Conclusion<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]Group policies and Active Directory undoubtedly have their strengths. However, they quickly reach their limits when it comes to implementing Security Configuration Management (SCM). SCM requires not only the implementation of secure configurations, but also integration into existing processes, security incident detection capabilities and continuous monitoring.<\/p>\n<p>Due to the current skills shortage, it is almost impossible to find the time for the extensive manual work required to overcome these limitations.<\/p>\n<p>For sustainable system hardening, SCM needs to be automated &#8211; at all levels: setup, monitoring and customization. This is the only way to keep IT infrastructures compliant with current recommendations and standards in the long term and effectively reduce the risk of successful cyber attacks.[\/vc_column_text][vc_empty_space height=&#8221;20&#8243;][vc_column_text]____<\/p>\n<p><em>About FB Pro GmbH:<\/em><\/p>\n<p><em>FB Pro focuses on the hardening of IT systems and infrastructures. The Rhineland-Palatinate-based team has developed its own standardized solutions and products for this purpose. These help companies to preventively protect their system landscapes faster and more efficiently.<\/em>[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;100&#8243;][vc_raw_html]JTNDYSUyMGhyZWYlM0QlMjJqYXZhc2NyaXB0JTNBaGlzdG9yeS5iYWNrJTI4JTI5JTIyJTNFJTNDc3BhbiUyMHN0eWxlJTNEJTIyY29sb3IlM0ElMjAlMjNmZjIwNzAlM0IlMjIlM0UlM0MlM0MlMjBCYWNrJTNDJTJGc3BhbiUzRSUzQyUyRmElM0U=[\/vc_raw_html][vc_empty_space height=&#8221;50&#8243;][vc_separator type=&#8221;small&#8221; position=&#8221;center&#8221; color=&#8221;#eeeeee&#8221; thickness=&#8221;2&#8243; width=&#8221;1100&#8243;][vc_empty_space height=&#8221;50&#8243;][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30&#8243;][vc_column_text]\n<h4>LATEST POSTS<\/h4>\n[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;]\n<div class='latest_post_holder boxes three_columns one_row' >\n    <ul>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/06\/01\/microsoft-entra-break-glass-best-practices\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-1024x576.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-1536x864.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal-700x394.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/06\/MS-Entra-Break-Glass-Teal.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h4 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/06\/01\/microsoft-entra-break-glass-best-practices\/\">Emergency Access in Microsoft Entra: Best Practices for Your Break-Glass Accounts<\/a><\/h4>\n                            <p class=\"excerpt\">The so-called \u201cbreak-glass\u201d accounts. In this article, we'll show you how to securely set up, harden, and monitor this last line of defense in Microsoft Entra according to current best practices....<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">01 June, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/05\/03\/why-your-windows-hardening-will-be-outdated-in-march-2026\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-1024x575.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-1536x863.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild-700x393.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/10\/teal-blog_system-hardening-headerbild.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h4 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/05\/03\/why-your-windows-hardening-will-be-outdated-in-march-2026\/\">Configuration Vulnerability? Why Your Windows Hardening Will Be Outdated in March 2026<\/a><\/h4>\n                            <p class=\"excerpt\">With the March 2026 update, the rules for Windows 11 and Windows Server have changed. It is essential that you familiarize yourself with these changes and adjust your hardening configuration....<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">03 May, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/04\/29\/bsi-update-grundschutz\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-1024x575.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-1536x863.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header-700x393.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2022\/09\/teal_blog_on-prem-safe_header.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h4 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/04\/29\/bsi-update-grundschutz\/\">BSI Update: Grundschutz++ Will Become Mandatory in 2028 \u2013 Why You Should Take Action Now<\/a><\/h4>\n                            <p class=\"excerpt\">The wait is over: The BSI has published the first guidelines for Grundschutz++. What at first glance looks like additional bureaucratic red tape is, in fact, the new \u201cstate of the art\u201d for NIS2. ...<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">29 April, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        <\/ul>\n<\/div>[\/vc_column][\/vc_row]\n<\/div>","protected":false},"excerpt":{"rendered":"<p>We are often asked why we do not harden systems using group policies or group policy objects. The simple answer to this is: handling is extremely inefficient, which leads to unsatisfactory results.<\/p>\n","protected":false},"author":14,"featured_media":8786,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1161],"tags":[],"class_list":["post-8788","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-gastbeitraege-en"],"_links":{"self":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/8788","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/comments?post=8788"}],"version-history":[{"count":6,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/8788\/revisions"}],"predecessor-version":[{"id":8794,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/8788\/revisions\/8794"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/media\/8786"}],"wp:attachment":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/media?parent=8788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/categories?post=8788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/tags?post=8788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}