Bullet-proof network operating systems don't exist, but there are some common-sense steps that IT managers can take to make the NOS a less attractive target for mischief-makers (and worse).
- Identify and remove unused applications and services. The fewer components intruders can get their hands on, the better off your networks will be.
- Implement and enforce strong password policies. Remove or disable all unnecessary accounts. This includes immediately removing accounts when workers leave the company.
- Limit the number of administrator accounts available, and make sure users and IT staff have only the privileges they need to do their jobs.
- Set account lockout policies to discourage password cracking.
- Remove unused file shares.
- Keep an eye out for new security patches and hot fixes.
- Log all user account and administrative task transactions. This is an extremely important step for forensics if your network OS does get hacked.
- Beware of “social engineering” tactics. Make sure that no one gives out important security information such as administrator passwords without getting approval from managers.
- Keep a secure backup solution handy to restore all systems in case of emergency.
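Several of the account items above (departed workers, unnecessary accounts, administrator sprawl, lockout settings) can be checked mechanically. The following sketch is an added example, not part of the original checklist; the account export, HR roster, and policy limits are constructed sample data, and the field names are assumptions rather than any particular NOS's format.

```python
from datetime import date

# Constructed sample data: an account export and an HR roster (not from the article).
ACCOUNTS = [
    {"name": "alice",   "admin": True,  "enabled": True,  "last_login": date(2024, 5, 28)},
    {"name": "bob",     "admin": False, "enabled": True,  "last_login": date(2024, 1, 10)},
    {"name": "carol",   "admin": True,  "enabled": True,  "last_login": date(2024, 5, 30)},
    {"name": "dave",    "admin": False, "enabled": False, "last_login": date(2023, 11, 2)},
    {"name": "svc_old", "admin": True,  "enabled": True,  "last_login": None},
]
HR_ROSTER = {"alice", "bob", "svc_old"}  # current staff and approved service accounts
POLICY = {"lockout_threshold": 0, "max_admins": 2, "dormant_days": 90}  # hypothetical limits


def audit(accounts, roster, policy, today):
    """Return a sorted list of (subject, finding) tuples for the account checklist items."""
    findings = []
    enabled = [a for a in accounts if a["enabled"]]
    for a in enabled:
        # An enabled account with no current owner should have been removed at departure.
        if a["name"] not in roster:
            findings.append((a["name"], "enabled but owner not on roster"))
        # Never-used or long-idle accounts are candidates for disabling.
        last = a["last_login"]
        if last is None or (today - last).days > policy["dormant_days"]:
            findings.append((a["name"], "dormant"))
    # Too many enabled administrators widens the blast radius of one stolen password.
    admins = [a["name"] for a in enabled if a["admin"]]
    if len(admins) > policy["max_admins"]:
        findings.append(("policy", f"{len(admins)} enabled admins, limit {policy['max_admins']}"))
    # A threshold of zero (or less) means unlimited password guesses are allowed.
    if policy["lockout_threshold"] <= 0:
        findings.append(("policy", "account lockout disabled"))
    return sorted(findings)


if __name__ == "__main__":
    for subject, finding in audit(ACCOUNTS, HR_ROSTER, POLICY, date(2024, 6, 1)):
        print(f"{subject}: {finding}")
```

Run against a real export on a schedule, the same checks turn the one-time cleanup into a recurring control.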