By Arturo Romero, Senior Security Engineer, Secur-Serv
Device hardening reduces potential security threats and risks by strengthening devices components before they are deployed into your network. Devices don’t arrive pre-hardened. It’s up to you to eliminate as many as possible risks and threats to your computer system or network.
Why? This is the question I hear all the time when advising that new devices be hardened prior to network deployment. Why? Why check configurations before deployment? Why ensure if we are following a specific hardening standard? Why can’t we secure this device once it’s in the environment using other tools? As surprisingly simple the answer is to these questions, they are still asked. Device hardening is just one layer in a multi-layered approach to your security programs.
Everything that goes into hardening a device prior to its deployment helps to eliminate attack surfaces and threats. To put into perspective how simple yet impactful security hardening of devices is, the use of a screen lock after a brief period of inactivity forces you to log back in upon return. This is so simple a task, yet so impactful to the security of your system. No one should have the ability to walk up to your system and gain access to your information either from your office, while traveling, in a coffee shop, or even at home without your consent. Heck, most of us generally have our mobile phones password protected through various means, so why not extend that to devices that house much more valuable data and/or have access to sensitive systems? Or how about ensuring that remote access to your PC is disabled? It does come disabled but for many reasons sometimes it does become enabled. It is one of the most abused features of Windows, and cybercriminals target this feature for exploitation and the chance to give them complete access to your system.
I’ve only listed a taste of items you’ll want to ensure are hardened for your system. What else is there to harden, though? With the many different features and capabilities of your system, how do you know if the security you are applying to your device is the most up to date, or meets any requirement your organization needs to meet? It’s easy to go online and look at the many different hardening standards or guides but how do you know which ones apply to your current system?
Engaging an experienced managed security advisor such as Secur-Serv will help you eliminate risks and threats to your system. One of the best qualities of Secur-Serv is that we have decades of experience in multiple regulated environments as well as managing a vast array of systems. This experience has given us the breadth of knowledge required to provide the proper guidance and protection your systems need. Let us show you how we can answer your questions about device hardening.