What is hardening?
Hardening follows from the principle of least privilege: it is the practice of minimizing the attack surface available to attackers and other threat actors. Hardening is an essential part of information security and serves the defensive goals of deter, deny, delay and detect.
What is OS hardening?
OS hardening is the act of configuring an operating system securely, keeping it updated, creating rules and policies that help manage the system securely, and removing unnecessary applications and services. The purpose of this exercise is to reduce the operating system's exposure to threats and to mitigate the resulting risk. OS hardening is one of the most significant steps toward thorough information security, because operating systems evolve over time and gain more features and capabilities, each of which can widen the attack surface.
What is Windows hardening?
Windows ships with a collection of features, applications and services that ought to be properly configured to ensure the system is as hardened as possible.
Windows 10 should be installed fresh on a system, from installation media you created yourself or obtained from a trusted source (a reliable USB drive, preferably).
Remove unwanted programs
Even a fresh installation of Windows 10 is likely to carry redundant programs (bloatware) that expand the attack surface and give threat actors more to target. Also verify that every installed program is genuine and not pirated software, which may come bundled with bloat and malware.
Encrypt hard drives
It's important to encrypt hard drives. Windows 10 ships with BitLocker, which has a straightforward encryption process. A Trusted Platform Module (TPM) must be enabled to use BitLocker in its default, TPM-protected mode (BitLocker can be configured to use a startup key or password instead, but a TPM is the recommended key protector). The Pro, Enterprise and Education editions of Windows 10 include BitLocker and TPM support. Secure Boot should be used together with encryption: TPM-bound BitLocker ties the drive's key to the platform's boot measurements, and Secure Boot ensures that only boot components signed with Microsoft-trusted keys run at startup.
Updates, fixes and service packs
Make sure the Windows 10 system is current on all updates, patches and service packs. Attackers readily target Windows 10 systems that are missing the latest updates and fixes.
Firmware (BIOS/UEFI) settings
Windows 10 systems, like previous versions of Windows, run on top of the machine's firmware (a traditional BIOS, or UEFI on modern hardware). The firmware setup has a DOS-like text interface but doesn't require any coding experience to operate. Before working in the firmware setup, check which settings apply to your hardware (enabling the TPM and Secure Boot are the ones that matter for BitLocker), then configure them.
What is Linux hardening?
Most systems hold private data that should be secured. To do this, we need to protect the Linux system in stages. First, take physical security measures to prevent unauthorized people from accessing the machine in the first place. Then install the system correctly, so there is a strong foundation. Lastly, apply a set of common security measures. Once that's all done, your server or desktop system should be effectively secured.
Basic rules of system hardening
If we put system hardening under a microscope, we could divide the process into a few core principles: the principle of least privilege, segmentation, and reduction.
Principle of least privilege
The principle of least privilege means that you give users and processes the bare minimum of permissions they need to do their job. It is like granting a visitor access to a building. You could give full access to the building, including all sensitive areas, or you could let your guest into only the single floor where they need to be. The choice is easy, right?
- When read-only access is sufficient, don't give write permissions
- Don't allow executable code in memory areas that are marked as data sections
- Do not run applications as the root user; use a non-privileged user account instead
Segmentation
The next principle is that you divide larger areas into smaller ones. If we look at that building again, we have split it into numerous floors. Each floor can be further divided into separate zones. Perhaps your visitor is only permitted on floor 4, in the blue zone. Translated to Linux security, this principle applies, for example, to memory usage: each process can only access its own memory segments.
Reduction
The objective of this principle is to remove anything that is not strictly needed for the system to work. It resembles the principle of least privilege, yet it focuses on avoiding something altogether. A process that does not have to run should be disabled. The same applies to extra user accounts or sensitive data that is no longer being used.
System hardening steps
1. Install security updates and patches
2. Use strong passwords
3. Bind processes to localhost
4. Implement a firewall
5. Keep things clean
6. Security configurations
7. Limit access
8. Monitor your systems
9. Create backups (and test!)
10. Perform system auditing
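The checks below are an added example written for this page (they are not part of the original article or any tool it mentions). They are POSIX shell helpers that audit a host against several of the steps above and the least-privilege rules: step 2 (accounts with empty or legacy password hashes in shadow-format data), step 3 (listeners bound to all interfaces instead of localhost), step 7 (extra UID 0 accounts) and the "read-only where sufficient" rule (world-writable files). The function names and the sample data are constructed for illustration; on a live host you pipe in real command output as shown in the comments.

```shell
#!/bin/sh
# Hypothetical hardening-audit helpers (added example, not from the original
# article). Each check reads its input from stdin or an argument so it can run
# offline against the constructed samples below; on a live host feed it real
# data instead (root is needed to read /etc/shadow):
#   ss -Hltn | check_listeners "22 443"
#   check_shadow < /etc/shadow
#   check_uid0   < /etc/passwd
#   check_world_writable /etc
set -eu

# Step 3, bind processes to localhost: report TCP listeners bound to every
# interface (0.0.0.0, *, [::], ::) whose port is not in the space-separated
# allow-list of ports you intend to expose. Input lines follow `ss -Hltn`
# (State Recv-Q Send-Q Local:Port Peer:Port); field 4 is the local socket.
check_listeners() {
    allow=" ${1:-} "
    awk -v allow="$allow" '
        {
            n = split($4, a, ":"); port = a[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if ((addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::") &&
                index(allow, " " port " ") == 0)
                print "EXPOSED " port " " addr
        }'
}

# Step 2, strong passwords: flag accounts in shadow-format input that have an
# empty password field or a weak hash. Locked accounts (field starts with "!"
# or "*") are fine; "$1$" is MD5-crypt, and a field that does not start with
# "$" at all is a legacy DES hash.
check_shadow() {
    awk -F: '
        { first = substr($2, 1, 1) }
        $2 == ""              { print "EMPTY_PASSWORD " $1; next }
        index($2, "$1$") == 1 { print "WEAK_HASH " $1; next }
        first != "$" && first != "!" && first != "*" { print "WEAK_HASH " $1 }'
}

# Step 7, limit access: any account other than root with UID 0 is a second
# superuser. Input lines follow /etc/passwd.
check_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print "EXTRA_UID0 " $1 }'
}

# Least privilege ("when read-only access is sufficient, don't give write"):
# list regular files under a directory that any user on the system may modify.
check_world_writable() {
    find "$1" -xdev -type f -perm -0002 2>/dev/null
}

# Constructed samples (not captured from a real host) so the checks run offline.
SAMPLE_LISTENERS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 511 [::]:80 [::]:*
LISTEN 0 128 *:6379 *:*'

SAMPLE_SHADOW='root:$6$c0nstructed$hashhashhash:19000:0:99999:7:::
backup:!:19000:0:99999:7:::
legacy:$1$c0nstructed$hash:19000:0:99999:7:::
guest::19000:0:99999:7:::'

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
toor:x:0:0:backdoor:/root:/bin/sh
www-data:x:33:33::/var/www:/usr/sbin/nologin'

# Run every check over the samples; with 22 and 80 allowed, only the Redis
# port, the legacy and guest accounts, and the toor account are reported.
run_sample_audit() {
    printf '%s\n' "$SAMPLE_LISTENERS" | check_listeners "22 80"
    printf '%s\n' "$SAMPLE_SHADOW"    | check_shadow
    printf '%s\n' "$SAMPLE_PASSWD"    | check_uid0
}

run_sample_audit
```

The allow-list is deliberate: a web server must listen on 0.0.0.0:80, but a database or cache that only the local application uses has no reason to, and the script turns that policy into something you can run after every change.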
Benefits of systems hardening
Systems hardening requires ongoing effort, but the diligence will pay off in practical ways across your organization via:
Improved system functionality: fewer programs and less functionality means there is less risk of operational issues, misconfigurations, incompatibilities, and compromise.
Significantly better security: a reduced attack surface translates into a lower risk of data breaches, unauthorized access, system compromise, or malware.
Easier compliance and auditability: fewer programs and accounts, along with a less complex environment, means auditing the environment will typically be clearer and more straightforward.
Risks can be mitigated by an ongoing process of operating system hardening, and a contingency plan is the most effective way to protect an organization's systems from collapse. In fact, risk assessment is about making decisions that reduce risk. Contemporary computing environments are distributed infrastructures, which require any organization to develop intrusion detection plans for its servers. An organization must also update its system configuration plan when relevant changes occur, and the process will only work efficiently if it is centralized. Therefore, it is incumbent upon organizations (financial institutions in particular) to develop, implement and monitor suitable information security programs. Whether systems are maintained in-house or by a third-party vendor, suitable security controls and risk management methods should be put in place.