You’ll be surprised to know giant organizations run their server’s operating system at default.
Who’ll go through the hassle of verifying 1000-server networks manually?
We find these stats funny, though they’re seriously concerning.
- Many administrators still use “passwords” as their passwords…
- and if that’s not enough, they use “admin” as usernames :/
- Take this one — one in five people haven’t considered changing their passwords ever
These stats clearly toss operating system security in the trash can.
*though you may feel servers production gets the head start quickly*
It’s also one of the reasons why operating system attacks like DDoS affect almost 10% of new organizations every year.
Of course, except the smart ones who get white-box DDoS testing done on their servers.
But despite the tests, what about the ones who aren’t getting tested?
How to secure operating systems for them?
Methodology to secure operating system
You’d want to know methods to secure the OS.
Who wouldn’t want to prevent hackers on their computers?
In fact, you save your PC or device from hacking by making sure your OS is secure!
- create a stable environment to run the applications,
- gain control access over resources,
- have external power and access over the environment,
So how do you gain so much control over your system?
Or what makes for a solid operating system?
Let’s find out.
How to secure your OS— 7-step process
Secure computer from hackers Step #1: Take care of user accounts
- Make sure your server computer has a limited user account. Why? The more user accounts, the more the system complexity and vulnerability.
- You should consider trusted users for administrative roles. Why? You want to have accountable and competent people in your organization. Also, it’ll be easier for you to take necessary actions should there be any mischief.
- Even with trusted users, give minimum access control over the application. Why? You don’t want attackers to have hands-on access to your system through the assigned users.
Secure computer from hackers Step #2: Manage account policies
- Create operating system passwords and security policies. How? Make sure you keep solid passwords and give them timely updates (don’t hesitate to make a schedule).
- Test if users are complying with the password policies. How? Try breaking the password. Send over the notification in case they don’t stand by the policies.
- You can use software to give protection and security in the operating system. How? Activate shadow files to restrict passwords.
Secure computer from hackers Step #3: Protect file system
- Minimize writing access on the directories, and go for read-only access to the users. Why? You want to prevent attackers from getting user permissions.
- Deny access to all the users by default. Why? It’s the best way to ensure the limited authority to the users who have been chosen to access the resources explicitly.
- Reject all the read and write access for all the users across all the directories. Why? It should be a viable solution to giving explicit permission to the users whom you’ve agreed to give. Great way to secure your resources from an administrator’s negligence.
Secure computer from hackers Step #4: Fix your network services
- Run minimum services on the main computer. Why? Services run on the application are directly proportional to the malicious attacks. So limit your services to have a more pliable system.
- You’d like to have control over network services access permission. Why? Network services are easiest to go public and make your system vulnerable.
- You may have to give access to the Web Server to some of your users but avoid granting them any entry to the shell functions.
- Be careful with unused services. Why? They start automatically and run on some operating systems, especially Microsoft. Check how to secure Windows 10 from hackers.
- Minimize total trusted ports. Why? You want to get hold of all the possible entry points to your OS. Eliminate or comment on the ports that you’re not going to use.
- Low-risk vulnerability, but NetBIOS threat has been pain across networks since the 1990s. How? Disable NetBIOS in the Ethernet adapter.
- Use user-space utility programs like IPtables as packet filter and firewall.
- Check your security updates to make sure all the services are contemporary.
- Try not to use the GUI. Why? A graphical user interface is a great entry point for security problems.
Secure computer from hackers Step #5: Look for system patches
- Don’t discount the vendor-recommended patch runs for your OS. Why? They’ll improve the stability of the software and remove the security holes.
- Schedule security patches as you would do for password policies.
Secure computer from hackers Step #6: Minimize your operating system
- Remove applications that you don’t use or are non-essential. Why? Every application is a potential attack on your computer.
- Use third-party protection software for buffer overflow.
Secure computer from hackers Step #7: Build system integrity
- Go for a repeatable and known process for building any production system. Why? It will ensure your system integrity is not compromised.
- Compare the snapshots of the original state of the system. Make it a periodical habit.
- Don’t shy from using third-party auditing software. The software gives the best system integrity auditing results.
- Schedule backup of system resources. Why? You can regain the original state should there be any attacks.
So these are the steps in order to secure the operating systems.
Tell us how you tighten up operating system security features?