Why is System Hardening so Important?
In this day and age, protecting your system and your system data is imperative. Luckily, there are steps you can take to prevent cyberattacks and to increase the security of your data. System hardening, also called Operating System (OS) hardening, is the process of securing a system by reducing its surface of vulnerability. It is done to minimize a computer Operating System’s exposure to threats and to mitigate possible risks. The cost/benefit of mitigating risk drives value and conveniently, most computers offer network security features to limit outside access to the system.
The following items are recommendations to perform every few months in order to strengthen your OS and reduce its risk of a cyberattack:
• Programs Clean-up
Remove unnecessary programs because every program is a potential entry point for a hacker. Cleaning diminishes the number of ways into a system. If the program is not something vetted by the IT team, it should not be installed. Attackers look for backdoors and security holes when attempting to compromise networks, so it is best to minimize their chances.
• Use of Service Packs
Keep your OS up-to-date and install the latest version. It is a simple and easy rule to follow.
Patches and Patch Management
Use auto-updates and apply critical patches as soon as possible.
Access Control
Windows, Linux, and Mac OS X all provide user, group, and account management features that can be used to restrict access to files, networking, and other resources. Review these features, as the defaults are not strict, and ensure that you grant rights only to the users that truly need it.
Disable and eliminate unneeded accounts
Firewall Configuration
Your OS has a firewall set up by default. When connected to a VPN that is managed by IT, you are typically covered by a more robust firewall configuration.
• Check your PC’s Security and Privacy Settings
It is best to disable OS or application features you are not using. For example, Windows typically comes with Skype, but if you have never used it, disable or uninstall it. It can be consuming resources or creating potential security holes.
• Network, Server, Application, and Database Hardening Measures
These should be thought about and acted upon, although typically, this is handled by IT specialists.
More Best Practice Tips:
• Do not leave your computer unlocked when unattended
• Use a password manager
• Office 365 users:
Create, store, manage, and share your files in the cloud using OneDrive for easy access via all your devices.
• Use an anti-virus application
Most OSs have a built-in anti-virus application to protect against infected attachments, etc. Verify that you have one and ensure that it is configured to download the latest definitions.
• Do not use free or public Wi-Fi
If you do, use your VPN software.
As an alternative option, use your mobile phone as a hotspot instead.
• Do not open suspicious email attachments or respond to suspicious requests
Report them to your IT department.
Avoid illegal file sharing
Pirated software and peer-to-peer sites can expose information to everyone else who uses the site and are riddled with malware.
• Establish a backup solution
Windows and Mac have built-in backup functions available.
Ultimately, by devoting a little bit of time to hardening your Operating System, you can save yourself a great deal of time in the long run by diminishing the risk of a successful cyberattack. Please note that an OS hardening strategy also needs to be complemented by a data backup, which is the final line of defense. This way, if something goes awry, you can restore your PC and all of your data.
Relevant blogs:
What is some system hardening standards
OS Hardening: 10 Best Practices
Center for Internet Security (CIS) Benchmarks for OS Security
Recent Comments
No comments
Leave a Comment
We will be happy to hear what you think about this post