Overview of OS Hardening

Philosophy

Out of the box, nearly all operating systems are configured insecurely. The idea of OS hardening is to minimize a computer's exposure to current and future threats by fully configuring the operating system and removing unnecessary applications.

Procedure

The Information Security Office recommends using a CIS Benchmark (a step-by-step document) as a guide to hardening your operating system. The Center for Internet Security is a non-profit organization that provides Benchmarks and Scoring Tools to improve the security of several operating systems and applications.

Harden your OS off-line as much as possible to minimize exposure.

Major milestones, as well as CSUSB specific configuration steps, are listed below.

1. Disconnect from Network

2. Install from a Trusted Source

3. 1. Apply Patches Off-Line
   2. Install Applications Off-Line

4. Follow a CIS Benchmark

5. Disable or Restrict Services

6. Configure Periodic (Automatic) Updates

7. Install CSUSB Root Certificate

8. Be Cyber Safe!!