Server Security Hardening

 System hardening is a fundamental yet critical part of an organization's security assessment. Recent advanced cyber-attacks require security professionals in organizations to pay more attention to security inside the perimeter. Most organizations set up an organizational security policy; unfortunately, it is very common that servers are not configured in compliance with that policy.

 Most systems running Windows, Linux or similar provide basic hardening options, but to really protect the servers a deep, managed hardening process is required.

 

Basic hardening recommendations:

 Remove unused user accounts

 Unused user accounts are a big threat: intruders can use them to navigate the organizational network and gain administrator credentials. The best way to eliminate this threat is to remove or disable them. User accounts that are not often used should be properly disabled or limited, keeping only the abilities relevant to their function.

 Limit users and processes

 Resources are the most valuable asset. Users and processes should not be able to access any sensitive data. Only if their access is critical should they be formally authorized and then added to the appropriate access groups or access lists.

 Disable unused (network) services

 Network services are often the first to be targeted by attackers. Any unused service, especially one exposed on the network, should be disabled. Additionally, services that are required on the internal network could be filtered with firewalls, so that only authorized systems can access the related service.
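 One way to check the "Disable unused (network) services" recommendation on a Linux server, as an added example that is not part of the original page: it parses the output of `ss -H -tuln` and reports every listener that is reachable from the network but missing from an approved list. The sample output and the APPROVED policy are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output (not taken from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      100        127.0.0.1:25         0.0.0.0:*
tcp   LISTEN 0      64           0.0.0.0:2049       0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      5              [::1]:631           [::]:*
"""

# Hypothetical policy: the only (protocol, port) pairs approved for exposure.
APPROVED = {("tcp", 22), ("tcp", 443)}


def is_loopback(host):
    """True when the bind address is reachable only from the local machine."""
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %interface
    if host == "*":                        # wildcard bind: all interfaces
        return False
    return ipaddress.ip_address(host).is_loopback


def audit_listeners(ss_output, approved):
    """Return sorted (proto, address, port) listeners that violate the policy."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                       # skip blanks and other socket types
        proto, local = fields[0], fields[4]
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        if is_loopback(host):
            continue                       # local-only, not network exposed
        if (proto, int(port)) not in approved:
            findings.add((proto, host, int(port)))
    return sorted(findings)


if __name__ == "__main__":
    for proto, host, port in audit_listeners(SAMPLE_SS, APPROVED):
        print(f"unapproved listener: {proto} {host}:{port} -> disable or firewall")
```

 Each finding is either a service to disable or, if it is required internally, one to restrict with a firewall rule.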

 
