Hardening

The term hardening, as related to information technology, is the process of making a computer system more secure. The process is typically performed for servers but is also recommended for workstations.

Some typical steps taken when hardening a computer include:

  1. Update system with operating system and application program latest patches.
  2. Shut down unneeded services - This minimizes risk since there are fewer services running for an attacker to exploit.
  3. Only install needed services.
  4. Limit services to minimum access required.
  5. Limit administrator accounts to minimum access required and minimum amount.
  6. Configure logging to provide information about any security breaches or attacks.
  7. System security policies should be in place including policies about auditing, system updates, system password, and account passwords including settings detailing minimum lengths, complexity rules, and change frequency.
  8. Install an anti-virus program.
  9. Install and configure intrusion detection and intrusion prevention systems.