System Hardening

Server security:

1. Always control physical and network access to critical servers, especially domain controllers, DNS servers, DHCP servers, and other infrastructure servers. Keep infrastructure servers in an access-controlled location.

2. Always perform tasks on the servers with the least possible privileges. Do not perform tasks with Administrator privileges, if possible. Use the Run As command (or equivalent) when needed.

3. Restrict user and machine access to groups that have loose security settings. Provide users and computers with the least possible permissions while still meeting their needs to access and use network resources.

4. Secure the data on the computers using strong ACLs and, if needed, the syskey utility. The syskey utility provides protection against password-cracking software that targets the Security Access Management (SAM) database or directory services. It uses strong encryption that is much more difficult (if not close to impossible) and time consuming to crack.

5. Require the use of strong passwords via password policy settings.

6. Restrict the downloading and installation of programs that do not come from known, trusted sources.

7. Maintain up-to-date virus protection on all systems.

8. Keep all software patches up to date. Patches often address newly discovered security holes. Applying patches in a timely manner on all affected machines can prevent problems that are easily avoided.

9. Deploy server, application and client-side security technologies:

■ Secure server traffic traveling on the network.

■ Secure application and user data traveling on the network.

■ Secure network access points and network access.

■ Secure client devices including desktops, laptops, and PDAs.

■ Implement automatically updating virus and spyware protection systems.

Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook

Post a comment