System hardening is the process of securing a system by reducing the vulnerability surface by providing various means of protection in a computer system. protection provided to the system has a layer approach. Protecting in layers means to protect at the host level, application level, operating system level, user level and the physical level. Method of security provided at each level has a unique approach.
The purpose of system hardening is to eliminate as many security risks as possible. This is typically done by removing all non-essential software programs and utilities from the computer. While these programs may offer useful features to the user, if they provide “back-door” access to the system, they must be removed during system hardening.
Hardening’s goal is to eliminate as many risks and threats to a computer system as necessary.
Hardening activities for a computer system typically include:
• Defining and implementing Hardening security policies.
• Keeping security patches and hot fixes updated.
• Installing a firewall.
• Closing all unwanted ports on the system.
• Disallowing unnecessary file sharing among programs.
• Installing antivirus and spyware protection.
• Maintaining backup policies of the computer system.
• Creating strong password policy.
• Removing unnecessary programs and user accounts from the computer.
• Using encryption for sensitive data stored.