Network Computing is part of the Informa Tech Division of Informa PLC
The process of server hardening is complex and unique in its structure and demands, and therefore requires the active participation of the teams’ management.
The hardening project can be divided into three stages:
Setting a policy
Your hardening policy will determine how your servers will be configured according to their role, version, and environment. Management involvement is needed in order to address the following issues:
A) Managing the key players in this stage – Security & IT teams
Security and IT teams often maintain conflicting agendas. The policy can rely on best practices, such as the CIS Benchmarks, but the final policy will eventually be agreed upon following discussions between the two sides.
B) Finding the balance between security and functionality
Hardening requires a balance between security and functionality. The policy must consider both the security team’s requirements and the IT team’s ability to implement it using currently allocated time and manpower levels.
Management should take responsibility for deciding which challenges must be met and which aren’t worth the time and operational costs.
C) Deciding the right policy granularity
Every IT infrastructure contains multiple servers, each with different roles and versions, in several types of environments. Each one of them requires its own security policy. This can cause confusion. The process must be managed correctly in order to make sure that each server in every environment is properly handled.
Implementing the policy
Once the policy is approved, it must be implemented exactly as approved. This stage poses a major technical challenge and, if done wrong, can cause severe damage to the organization.
The only way to minimize the risk for production outages is to understand the potential impact of your policy on your production before enforcing it – Impact Analysis.
You have two options to choose from when implementing your policy:
Option 1: Policy implementation using GPO, configuration management tools, or manual methods.
You can divide this option into two stages:
Stage 1: Setting up a test environment and performing an impact analysis of the policy.
The policy must be tested on a dedicated test environment in order to understand its impact (impact analysis).
In an optimal impact analysis, you’ll need to perfectly simulate every type of environment that you have in production. After doing that, you’ll need to simulate every required policy and check its impact on the server’s functionality.
Stage 2: Implementing the policy on a production environment.
IT teams implement the policy on the production system, hoping that nothing breaks. Since a highly accurate impact analysis is difficult to achieve using only native tools, things often do break.
Option 2: Policy implementation using a hardening automation tool:
You can divide this option into three stages:
Stage 1: Learning your production environment’s structure and dependencies.
Hardening automation tools will learn the servers’ activity in your production environment and perform the impact analysis directly on them. This eliminates the need to set up test environments and do the impact analysis manually, and you’ll get the most accurate impact analysis possible.
Stage 2: Automatically producing a full impact analysis report.
This will allow you to make an informed decision regarding cases in which a configured value in your policy may break a server.
Stage 3: Enforcing the policy from a central point of management.
This will allow you to minimize the number of users authorized to make changes in your infrastructure, thus improving your security posture.
Monitoring the policy and maintaining compliance
Ongoing monitoring and maintenance are required as the production environment constantly changes and new vulnerabilities are discovered.
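An added example (not the article’s own tooling) that ties together the policy granularity discussed above (one policy per role, version and environment) and compliance monitoring: it resolves the layered policy for each server and reports every setting that drifts from it, which is the same comparison an impact analysis makes before enforcement. Setting names, values and host names are constructed for illustration, not taken from a real benchmark.

```python
# Constructed example: resolve a hardening policy per server role and environment,
# then audit observed settings against it so drift, or the impact of a planned
# policy change, is visible before enforcement. Values are illustrative only.

BASELINE = {"smbv1": "disabled", "rdp_nla": "enabled", "ntlm_v1": "disabled"}
ROLE_OVERRIDES = {
    "file-server": {"smb_signing": "required"},
    "domain-controller": {"ldap_signing": "required", "smb_signing": "required"},
}
ENV_OVERRIDES = {
    # A legacy test environment still relies on NTLMv1; production forbids it.
    "test-legacy": {"ntlm_v1": "allowed"},
}

def resolve_policy(role, env):
    """Merge baseline, role and environment layers; later layers win."""
    policy = dict(BASELINE)
    policy.update(ROLE_OVERRIDES.get(role, {}))
    policy.update(ENV_OVERRIDES.get(env, {}))
    return policy

def audit(server, observed):
    """Return {setting: (expected, actual)} for each non-compliant setting.
    A setting the policy names but the host does not report is flagged as unset."""
    policy = resolve_policy(server["role"], server["env"])
    return {k: (v, observed.get(k, "<unset>"))
            for k, v in policy.items() if observed.get(k, "<unset>") != v}

def audit_fleet(servers, observed_by_host):
    """Map host name -> findings; a compliant host maps to an empty dict."""
    return {s["host"]: audit(s, observed_by_host.get(s["host"], {})) for s in servers}

if __name__ == "__main__":
    # Constructed inventory and a constructed snapshot of what each host reports.
    servers = [
        {"host": "dc01", "role": "domain-controller", "env": "prod"},
        {"host": "fs01", "role": "file-server", "env": "prod"},
        {"host": "fs02", "role": "file-server", "env": "test-legacy"},
    ]
    observed = {
        "dc01": {"smbv1": "disabled", "rdp_nla": "enabled", "ntlm_v1": "disabled",
                 "ldap_signing": "required", "smb_signing": "required"},
        "fs01": {"smbv1": "enabled", "rdp_nla": "enabled", "ntlm_v1": "disabled"},
        "fs02": {"smbv1": "disabled", "rdp_nla": "enabled", "ntlm_v1": "allowed",
                 "smb_signing": "required"},
    }
    for host, findings in audit_fleet(servers, observed).items():
        status = "compliant" if not findings else ", ".join(
            f"{k}: expected {e}, got {a}" for k, (e, a) in findings.items())
        print(f"{host}: {status}")
```

Running the block reports dc01 and fs02 as compliant and lists the two drifted settings on fs01; the same function run against a proposed policy shows which hosts a change would break.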
You have two options to choose from:
Option 1: Monitoring the policy manually or by using scanning tools.
You’ll need to implement structured procedures for:
Option 2: Policy monitoring and compliance maintenance using Hardening Automation Tools.
By choosing this option, you’ll receive the following:
How to plan and manage a successful hardening project
The key to a successful hardening project is to understand the challenge, generate a plan tailored to your unique organizational needs, and choose the right techniques and tools for execution.
Your main dilemma, as we presented in this article, is how deep you are going to go with automation, and this is really a matter of ROI.
From a perspective of 20 years of hardening and dozens of hardening projects, we suggest looking at the number of your machines as an indication of the level of automation required. Our experience shows that organizations with over 200-300 machines in their infrastructure achieve a good ROI from using hardening automation tools and automating the entire hardening process.
You can continue your reading in this eBook: “How to Plan and Manage a Hardening Project.”
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and head office is 5 Howick Place, London, SW1P 1WG.