Main Content Region

OS Hardening

OS Hardening

Out of the box, nearly all operating systems are configured insecurely. The idea of OS hardening is to minimize a computer's exposure to current and future threats by fully configuring the operating system and removing unnecessary applications.

Procedure

The Information Security Office recommends using a Center for Internet Security Benchmark (a step-by-step document) as a guide to hardening your operating system. The Center for Internet Security is a non-profit organization that provides Benchmarks and Scoring Tools to improve the security of several operating systems and applications.

Harden your OS off-line as much as possible to minimize exposure.

Major milestones, as well as CSUSB specific configuration steps, are listed below.

  1. Disconnect from Network
  2. Install from a Trusted Source, usually a CD/DVD
  3. Apply Patches, off-line if possible
  4. Install Applications, off-line if possible
  5. Follow a CIS Benchmark
  6. Disable or Restrict Services — the benchmark will help
  7. Configure Periodic (Automatic) Updates
  8. Install CSUSB Root Certificate
  9. Be Cyber Safe!!