Why is System Hardening so Important?

In this day and age, protecting your system and your system data is imperative. Luckily, there are steps you can take to prevent cyberattacks and to increase the security of your data. System hardening, also called Operating System (OS) hardening, is the process of securing a system by reducing its surface of vulnerability. It is done to minimize a computer Operating System’s exposure to threats and to mitigate possible risks. The cost/benefit of mitigating risk drives value and conveniently, most computers offer network security features to limit outside access to the system.

The following items are recommendations to perform every few months in order to strengthen your OS and reduce its risk of a cyberattack:

• Programs Clean-up

Remove unnecessary programs because every program is a potential entry point for a hacker. Cleaning diminishes the number of ways into a system. If the program is not something vetted by the IT team, it should not be installed. Attackers look for backdoors and security holes when attempting to compromise networks, so it is best to minimize their chances.

• Use of Service Packs

Keep your OS up-to-date and install the latest version. It is a simple and easy rule to follow.

Patches and Patch Management

Use auto-updates and apply critical patches as soon as possible.

Access Control

Windows, Linux, and Mac OS X all provide user, group, and account management features that can be used to restrict access to files, networking, and other resources. Review these features, as the defaults are not strict, and ensure that you grant rights only to the users that truly need it.

Disable and eliminate unneeded accounts

Firewall Configuration

Your OS has a firewall set up by default. When connected to a VPN that is managed by IT, you are typically covered by a more robust firewall configuration.

• Check your PC’s Security and Privacy Settings

It is best to disable OS or application features you are not using. For example, Windows typically comes with Skype, but if you have never used it, disable or uninstall it. It can be consuming resources or creating potential security holes.

• Network, Server, Application, and Database Hardening Measures

 These should be thought about and acted upon, although typically, this is handled by IT specialists.

More Best Practice Tips:

• Do not leave your computer unlocked when unattended

• Use a password manager

• Office 365 users:

 Create, store, manage, and share your files in the cloud using OneDrive for easy access via all your devices.

• Use an anti-virus application

  Most OSs have a built-in anti-virus application to protect against infected attachments, etc. Verify that you have one and ensure that it is configured to download the latest definitions.

• Do not use free or public Wi-Fi

If you do, use your VPN software.

As an alternative option, use your mobile phone as a hotspot instead.

• Do not open suspicious email attachments or respond to suspicious requests

Report them to your IT department.

Avoid illegal file sharing

  Pirated software and peer-to-peer sites can expose information to everyone else who uses the site and are riddled with malware.

• Establish a backup solution

Windows and Mac have built-in backup functions available.

Ultimately, by devoting a little bit of time to hardening your Operating System, you can save yourself a great deal of time in the long run by diminishing the risk of a successful cyberattack. Please note that an OS hardening strategy also needs to be complemented by a data backup, which is the final line of defense. This way, if something goes awry, you can restore your PC and all of your data.

Relevant blogs: 

What is some system hardening standards

OS Hardening: 10 Best Practices

Center for Internet Security (CIS) Benchmarks for OS Security

OS Hardening vs. Data Protection