The Hardening of a system is vital for today’s operations. With many treats it’s important to do the correct hardening of the system to ensure the integrity and the safety of the data. The results of incorrect security Hardening can be catastrophic and example is “Premera Blue Cross says hackers may have taken up to 11 million customer records. Those records include credit card numbers, Social Security numbers, even information even information about medical problems.” http://www.npr.org/blogs/alltechconsidered/2015/03/18/393868160/premera-blue-cross-cyberattack-exposed-millions-of-customer-records . So because the Hardening at Premera was bad we need to think to what needs to be done about it through proper thinks and planning you can create a Secure and Hardened system. In this paper I will discuss tools to Harden the Information, Systems, and the Network.
Information Information they part that is the most important to protect we harden this through encryption, and backing up the systems data files. How do we encrypt the information to make it protected simply by making plain text into a garble? The Encryption type is called Cryptography which is used to hide the true plain text message. A company will use IPsec which can be setup through the windows server. IPsec Uses two types of protocols to protect the data AH the first mechanism also known “Authentication header provides data authentication, strong integrity, and replay protection to IP datagrams. AH protects the greater part of the IP datagram. As the following illustration shows, AH is inserted between the IP header and the transport header.” http://docs.oracle.com/cd/E23824_01/html/821-1453/ipsec-ov-7.html. The second is called “Encapsulating security pay load (ESP) module provides confidentiality over what the ESP encapsulates. ESP also provides the services that AH provides. However, ESP only provides its protections over the part of the datagram that ESP encapsulates. ESP provides optional authentication services to ensure the integrity of the protected packet. Because ESP uses encryption-enabling technology, a system that provides ESP can be subject to import and export control laws.” http://docs.oracle.com/cd/E23824_01/html/821-1453/ipsec-ov-7.html. With IPsec and the algorithms they have will ensure that the message gets to the destination and will not be tampered with. Another is Bit locker with is more for securing operating systems are turned off, when the devices are back on the firewalls of the OS protect the data through the server IPsec. Another thing IPsec to protect the systems information can use VPN which for employees out of the office can access the data safely and securely through their authentication and authorization keys. Another way to protect the data is to back it up because hard drives can fail and files can become corrupt and then the viruses. By using drive Imaging software you can make a copy or image of the contents of the entire hard drive or partitions. This is in case you to need to re-image a computer because of hard drive failure file corruption or virus. There are two types of backup’s external hard drive or server which in the case of a business it’s important to use another server and do daily and routine backups. Using software like NTI now or Genie back up manger will allow creating the backup drive and files. The other is image software like Norton Ghost or Acronis Truelmage this will allow image snap shots and back up the images before a viruses or system failure. To conclude the information can be guarded through the IPsec and encrypting the messages, it can be backed up through the image software and external hard drive. This leads to the next layer of are Hardening which is the system.
To protect we harden the system through Intrusion detection and prevention, patches and upgrades, Monitoring systems and redundancy. The first thing that come to mind