Saturday, May 11, 2013

[Security] System Hardening Part 1


I would like to start a new blog series about this subject, which I find very important and which isn't well documented. This blog series will only deal with Microsoft's systems, but system hardening applies to all systems.


What is System Hardening?


System Hardening (or OS Hardening) is the process of addressing the weaknesses and security vulnerabilities in operating systems.
System Hardening is performed by applying the latest patches and updates, as well as by following specific procedures and policies to reduce the attack surface of the system.


Why should you use System Hardening and what are the benefits?


If you ask an IT guy about the security level in his company, he'll mostly say that there are firewalls, IDS/IPS, anti-virus, update policies, proxy/reverse proxy, VPN, DMZ, and that they feel safe with that.
 

Most of the companies I have worked for don't know about system hardening. And when they have heard of it, they think it's too complex to implement, or they feel safe enough not to use it.

But you have to consider the following questions:
  • What will happen if someone gets into your infrastructure?
  • What will happen if one of your employees turns rogue?
  • Are you sure all your systems are configured the same way and well configured?

ALL systems have weaknesses and vulnerabilities. System hardening will help mitigate external and internal threats, but also misconfigurations.



System Hardening will help you to:
  • Increase the level of infrastructure security
  • Enhance the availability of infrastructure
  • Be compliant with best practices
  • Improve infrastructure performance
  • Avoid misconfigurations 

So if you are concerned about security, you have to implement System Hardening.


What's next?


Later in this blog series I will present some tools that can help you implement System Hardening.


For today, I'll finish this post by presenting a tool that can help you measure the security level of your infrastructure: Microsoft Security Assessment Tool 4.0

Even though this tool isn't related to System Hardening, it's an interesting one.

The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure. 

The tool employs a holistic approach to measuring your security posture by covering topics across people, process, and technology. Findings are coupled with prescriptive guidance and recommended mitigation efforts, including links to more information for additional industry guidance. These resources may assist you in keeping you aware of specific tools and methods that can help change the security posture of your IT environment.

This tool is available here: Microsoft Security Assessment Tool 4.0


First, you have to define your company's profile (approximately 50 questions).


After that, you can run the security assessment.
It could be interesting to do several assessments with different people, such as the CTO, CISO, IT Architect, etc., to see their personal vision of the company's security level.




After you have finished the assessment, you get a summary report of your security level.



A full detailed report is also available and can be exported.



You can also upload your assessment anonymously and compare your results with those of other companies.



That's it for this first part. We'll see in the next part which tools you can use to implement System Hardening.


