What is computer information system
The major system hardening methods and strategies that I am familiar with are updates and patches, default login, passwords and removal of services not required. It is always imperative to keep application software and operating systems up to date. This helps eliminate the weak points that make computer and information systems susceptible to attack and exploitation. Through the update and patches strategy, users download updates to add current features to the software. Operating systems require hotfixes, patches and services packs to be robust and secure from vulnerable attacks. In the event of security attacks, the perpetrators compromise routers, switches, servers and workstations. Updating the systems help in hardening the systems mentioned, making them robust to withstand diverse forms of currently technological attacks (Verizon Business Risk Team, 2009).
The second strategy involves the use of default login passwords to log into different systems. While using this method, it is easy to utilise unique default passwords. When users sign into to the systems for the first time, the default password can be changed. Moreover, I can also ensure restricted access to default passwords.
Anonymous strategies exist as forms of hardening. Using an access strategy that promotes anonymity, I can give particular users access rights to read only, edit only, make changes only. Hence, users can perform a single right. I can restrict file and directory access using file permissions and access control lists which may be anonymous to the users. Encrypting file systems and network systems ensure the protection of sensitive data in storage or transit. Removing unnecessary user accounts from the operating systems provide improved protection.
The third strategy involves removing services not necessary for particular operations. Unnecessary services and applications use processing power and available space on hard disks or solid state disks (Verizon Business Risk Team, 2009). Such applications and services are also susceptible to the operating system. For instance, most of the instant messaging applications are not necessary for the working environment. Because some may contain backdoors for easy accessibility by attackers, it is important to remove them. The strategy of removing unneeded services and applications helps in eliminating unnecessary services from running on computers and using resources unnecessarily. The computer has reduced workload, hence runs faster and efficiently. Separation of production and development environments is an important method of hardening. This strategy ensures that only necessary applications are allowed to run.
Settings such as password length and complexity help in hardening computer systems. Most of the modern operating systems provide users with password management and enforcement options (Verizon Business Risk Team, 2009). Using the pre-existing options prevent users from configuring weak or easy to guess passwords. There are also additional security levels to enforce regular password modifications and mechanisms to disable long in options when users fail some login attempts provided. These settings serve as means to ensure reduced opportunities for exploiting security systems for malicious attack purposes. Settings incorporating complex passwords and appropriate lengths for passwords help prevent malicious attacks from impersonating and valid users and attacking the systems. Strong passwords prevent loss of data, exposure to vulnerable security issues and corruption of sensitive data and information.
International organization standards (ISO), NIST and ANSI, have published guidelines and standards for system hardening (Rothman, 2016). The main hardening guidelines or standards that I am familiar with include Center for Internet Security (CIS) consensus model and Federal Desktop Core Configuration (FDCC) standard. CIS has a working group model responsible for establishing best system hardening practices, which are tested and feedback provided used to enforce recommended strategies, such as the use of intrusion detection systems and security patches. FDCC also enforces hardening standards on government computer systems. Most of the products used to scan for susceptibility, including IDS are supported by CIS and FDCC hardening standards (Rothman, 2016).
There are some steps to harden systems. The first step to hardening involves sec