Steps to Hardening any Operating System

  • Program Clean-up

Checking the list of executables and associated registry entries, and removing unrecognized and unused ones, minimizes the digital surface open for attack and prevents malware.

  • Disable all unnecessary services

Disabling all unnecessary services will prevent dormant and disguised bots from taking over the system.

  • Clean up the Start-up programs

Cleaning up the list of programs that automatically get launched on system start-up prevents ad-bots, adware, spy-bots, and worms.

  • Apply appropriately restrictive permissions to files, services, endpoints and registry entries.

Inappropriate permissions could give an attacker an opening. The ability to launch CMD.EXE as “LocalSystem,” for example, is a classic backdoor.

  • Install Service packs

Installing service-packs and regular patches, and repeating all the hardening steps after each patch cycle, keeps the system vulnerabilities at a minimum.11