Security Hardening Techniques
Name of Student
Institution
Hardening Techniques Summary to the Management
Hardening is the process of reducing a system's exposure to attacks and threats from attackers. It is measured against standards that ensure the computer system is organized so that it can do what is expected of it under normal conditions. Hardening is considered an integral part of information security. It rests on the basic rules of prevention, detection, and the disallowing principle. The issues below call for hardening techniques.
Previous attempts to protect user accounts have resulted in users writing long passwords down and placing them near their workstations. Users should not write down passwords or create passwords that attackers could easily guess, such as words found in the dictionary.
To address this issue, management should include all members of the organization in a training program that covers the requirements of advanced security. Policies should be put in place to check whether each password adheres to the rules that are vital for strong passwords. Management should therefore consider requiring password characters from three different classes, such as lowercase, uppercase, and Unicode letters. Management should also aim to maintain security standards by ensuring that everyone at the workstations can follow the measures with little learning curve. Additionally, management should ensure that passwords meet the complexity requirement when the combined characters number more than eight. Management needs to realize that a long password makes it difficult for attackers to access any information.
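The password rules described above can be enforced automatically. The following check is an added example, not part of the original paper: the function names and the small wordlist are constructed for illustration, and "Unicode letters" is assumed to mean letters that are neither uppercase nor lowercase.

```python
import unicodedata

# Constructed sample wordlist; a real deployment would load a full dictionary.
SAMPLE_DICTIONARY = {"password", "welcome", "sunshine", "dragon"}

MIN_LENGTH = 9  # the text asks for more than eight characters


def char_classes(password):
    """Return which of the three character classes appear in the password."""
    classes = set()
    for ch in password:
        cat = unicodedata.category(ch)
        if cat == "Ll":
            classes.add("lowercase")
        elif cat == "Lu":
            classes.add("uppercase")
        elif cat in ("Lo", "Lm", "Lt"):
            # Assumption: "Unicode letters" = letters without upper/lower case
            classes.add("unicode_letter")
    return classes


def dictionary_core(password):
    """Fold case and drop non-letters so 'Sunshine2024!' reduces to 'sunshine'."""
    folded = unicodedata.normalize("NFKC", password).casefold()
    return "".join(ch for ch in folded if ch.isalpha())


def check_password(password, dictionary=SAMPLE_DICTIONARY):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:  # length is counted in Unicode code points
        problems.append("too_short")
    missing = {"lowercase", "uppercase", "unicode_letter"} - char_classes(password)
    if missing:
        problems.append("missing_classes:" + ",".join(sorted(missing)))
    if dictionary_core(password) in dictionary:
        problems.append("dictionary_word")
    return problems
```

A dictionary word padded with digits and punctuation, such as `Sunshine2024!`, passes the length rule but is still reported as a dictionary word.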
Every user, regardless of role, must have at least one unique user account. A user who operates in multiple roles may have multiple unique user accounts. Users should use the account for its intended role only.
Every member of the organization should ensure that an account is used in the right way and for its specific purpose, so that unauthorized persons cannot access it or make alterations from various workstations. For instance, on a PC with an active administrative account, it would be wiser to create more accounts through the control section (Martinelli, 2018). This measure helps ensure that users do not carry out their responsibilities from an account with full administrative rights. Additionally, concealing the administrator account in Windows 7 would help management recover control if any user tried to disable the account. Management should also understand that when deactivating the hidden administrator account, it is important to create an alternative user account before opening the command prompt, and to make sure the command is hidden.
Anonymous users of the web server applications should only be able to access servers located in the demilitarized zone (DMZ). No anonymous web application users should be able to access any protected resources in the Always Fresh IT infrastructure.
To secure the server's applications, management needs to understand how firewalls work and where to place them (Yildirim & Mackie, 2019). Management can address the issue at hand by installing a firewall between the users' internal network and the web server. To serve unknown application users while preventing those same users from accessing the internal network, it is important for management to set up the demilitarized zone and the web server. More importantly, management should recognize that firewalls help prevent network security problems that originate either inside the organization or externally from the server. Further, the firewall will prevent permitted traffic from moving from one point to another.
To protect servers from attack, each server should authenticate connections based on the source computer and user.
To protect servers from attack, management should implement Kerberos authentication for servers within the corporate network. Management should consider using advanced technology to create a default warrant for the connections made between the PC and the user. The technique gives users and servers strong authentication over any unreliable network. The management should ensure that the server connecting the source PC should be prevented. Additionally, the application should be able to do what is required of it.
In conclusion, the security administrator of an organization should be able to identify and apply the hardening techniques that solve the listed problems, and be able to handle such issues in the future. By doing so, the organization will develop very strong Windows authentication, information access, and connections. Management needs to consider providing the organization with more advanced security conditions.
References
Martinelli, K. (2018, April 6). Password Security Guidance. Retrieved from https://www.highspeedtraining.co.uk/hub/password-security-guidance/
Yildirim, M., & Mackie, I. (2019). Encouraging users to improve password security and memorability. 741-759.