The guidelines and standards that I am most familiar with are from dealing with and learning about these organizations in class and they are; NIST, ISO, NSA, and COBIT. Just from being in the Military I know that I have had to abide by these and have used some at times but at the time I did not realize what they were because of lack of knowledge at the time. The steps that I have taken before in order to harden a system are as follows; made system updates, installed patches, properly configured workstations, configured and enforced Group Policies, monitored User Accounts, Configured password complexity policies on workstations, and enforced Acceptable Use Policy (AUP) Standards.
If any IT Administrator is half-way paying attention the first thing they should do is change any and all default logon/passwords. When configuring the policies as part of their security strategy they should configure the complexity settings required for passwords as well as the number of logon attempts before lockout. The functions that updates and patches serve are they fix bugs, vulnerabilities, and risks in systems that are in the operating software or any other software used on a system. Any anonymous access settings should be disabled to keep any unauthorized users from accessing the system. All unnecessary services should be removed or at least disabled to limit the possibility of vulnerabilities. The separation of production and development environments are essential to protecting an organizations assets, this can be done by setting up a DMZ for shared Web, Email, and Database Servers that are isolated by firewalls. Your Production and Development environment will be on the inside of the organization’s network instead of the DMZ and on a separate subnet than everything else with its own firewall. All of these are strategies of hardening and they all add up to the Defense in Depth concept (Lehtinen, Russell, & Gangemi Sr., 2011).
References
Works Cited...