Hysolate has come out with some system hardening guidelines for 2021. Many of these may seem to be basic information, but we still see the results of missing basic security measures implemented well.
- These basic guidelines are effectively a small checklist that include:
- Automatically applying OS updates
- Removing or disabling non-essential services, software, drivers, file sharing options, and remote desktop functionality
- Requiring strong passwords and enforcing complexity and mandatory changes
- Logging all activities, warnings, and errors
- Restricting unauthorized access and implementing access controls.
These are the most basic implementations and they work well for basic access, but what about user error, phishing, and visiting unapproved websites? Implementation of virtual machines can assist with separating users into sandboxed locations. The benefits of this type of computing include less hardware, and ease of disaster recovery. In addition, new virtual machines may be started in a very quick time frame and updating may be automated to provide the client with a seamless experience.
Despite the ease of use of virtual machines, human error can never be ruled out and misconfigurations, while often recoverable, can cause availability issues. Further, organizations need to ensure that any data that is subject to protections, including PII and credit card data, are secure as per legislation and defined policies.
Zlotnik, O. System Hardening Guidelines for 2021: Critical Best Practices. 5 March 2021. Hysolate. System Hardening Guidelines for 2021: Critical Best Practices – Hysolate
Kegerreis, M, Schiller, M., Davis, C. IT Auditing Using Controls to Protect Information Assets, Third Edition. 2020. McGraw-Hill Education.
Cybersecurity In Action 