Overview of OS Hardening

Out of the box, nearly all operating systems are configured insecurely. The idea of OS hardening is to minimize a computer's exposure to current and future threats by fully configuring the operating system and removing unnecessary applications.


The Information Security Office recommends using a Center for Internet Security Benchmark (a step-by-step document) as a guide to hardening your operating system. The Center for Internet Security is a non-profit organization that provides Benchmarks and Scoring Tools to improve the security of several operating systems and applications.

Harden your OS off-line as much as possible to minimize exposure.

Major milestones, as well as CSUSB specific configuration steps, are listed below.

  1. Disconnect from Network
  2. Install from a Trusted Source, usually a CD/DVD
    1. Apply Patches, off-line if possible
    2. Install Applications, off-line if possible
  3. Follow a CIS Benchmark
  4. Disable or Restrict Services — the benchmark will help
  5. Configure Periodic (Automatic) Updates
  6. Install CSUSB Root Certificate
  7. Be Cyber Safe!!