Types of System Hardening
The following are the major types of system hardening:
- Server Hardening: Server Hardening revolves around securing the ports, facts, permissions, and functions of a facts server. Some unusual practices for server hardening include the usage of robust passwords, imposing multiple authentications, and disabling USB ports.
- Software Application Hardening: Software Application Hardening revolves round securing the packages deployed at the server. Some common practices for hardening software programs encompass using antivirus, malware safety programs, organising intrusion detection systems.
- Operating System Hardening: Operating System Hardening refers to securing a system very own running system. One of the common practices for securing operating systems is uninstalling unnecessary device drivers, etc.
- Network Hardening: Network Hardening refers to the process of hardening the channel that is used for communication between two ports. The most effective way to ensure a security of network is to establish an intrusion detection system in the communication channel which helps in the detection of a potential attack in advance. Configuring firewalls and encrypting your organization’s network traffic is also a good practice for hardening your system.
Standards for System Hardening
System Hardening standards are the set of guidelines that are to be followed by all the deployed systems governed by them. These standards may vary from organization to organization depending on business needs, but there are certain requirements that are included in all of them. All the hardening standards layout rules regarding the patching and updates on OS, physical security, data encryption, access control, system backup, auditing, and monitoring.
Some of the common organizations that maintain guidelines for system hardening include:
- National Institute of Standards and Technology (NIST)
- Computer Information Security (CIS) Benchmarks
- Microsoft
What is System Hardening?
Systems hardening is a collection of tools, techniques, and good practices to decrease vulnerability in firmware, systems, infrastructure, applications, and other areas of technology. Systems hardening aims to lower security risk by removing possible points of attack and reducing the attack surface of the system.