The current geopolitical situation with Russia and Ukraine continues to evolve. With the reported cyber attack against Ukraine’s financial infrastructure by Russia, financial firms worldwide are evaluating their cybersecurity readiness and ensuring that their IT systems are “hardened,” or properly secured.
Systems hardening is a collection of tools, techniques, and best practices to reduce vulnerability in technology applications, systems, infrastructure, firmware, and other areas. Hardening demands a methodical approach to audit, identify, close, and control potential security vulnerabilities throughout the entire IT lifecycle. The following are best practices.
Network hardening involves securing the communication of multiple servers and computer systems operating within a network. One way to do this is through establishing an IPS (intrusion prevention system) or IDS (intrusion detection system) to monitor and report suspicious activity in a network. IPS also prevents unauthorized access to the network. Additional functions include configuring and securing network devices, auditing network rules and network access privileges, disabling unused or unnecessary network protocols/ports, encrypting network traffic, and disabling network services and devices not in use. Also, vulnerabilities in devices are corrected to prevent exploitation which can lead to network access.
Server hardening involves securing data, ports, functions, and permissions of a server. Additionally, establishing a strong password policy, protecting sensitive data with AES encryption or self-encrypting drives, and implementing firmware resilience technology and multi-factor authentication are all recommended. This should be completed system-wide on the hardware, firmware, and software layers.
Application hardening pertains to patching and updating vulnerabilities. It involves updating application code to further enhance its security or using additional security solutions. It also involves software-based security measures to protect any standard or third-party application installed on a server. Application hardening focuses on securing specific applications, such as web browsers, spreadsheet programs, or custom software.
Database hardening involves reducing vulnerabilities in digital databases and database management systems. This is used to harden repositories of data, as well as applications used to interact with that data.
Much like application hardening, an operating system involves patch management that can monitor and install updates, patches, and service packs.