Roberta Bragg's 10 Windows hardening tips in 10 minutes

[IMAGE] Get a glimpse inside Roberta Bragg's new book "Hardening Windows systems" with this series of book excerpts. Below you will find the introduction and 10 quick tips to hardening Windows excerpted from Chapter 1: "An immediate call to action." Click here for book details and author information or purchase the book.

TABLE OF CONTENTS
  [IMAGE] Immediate call to action
  [IMAGE] 10 hardening Windows tips in 10 minutes

An immediate call to action
[ Return to Table of Contents ]

We have a big problem. We aren't doing what we need to do to secure our Windows computers. We know what we need to do; we just don't do it. This is not to say that we have all the answers. Just as there is no way to keep a determined burglar out of your house, there is no way to ever make a Windows system, or any other operating system, 100 percent secure. But we do have a lot of answers. We know what to do to prevent most types of attacks from being successful.

But instead of systematically hardening the operating system; instead of physically securing systems; instead of instilling a culture of security that includes everyone -- yes, I mean everyone -- in the business of security; instead of doing any of these things, we frantically patch systems and complain about insecure products. Then, when our networks are broken into and credit card data or other sensitive data is stolen, or systems damaged, we blame the problems on someone else.

Stop. Stop right now. These actions are like 14-year-old boys and girls or the extras in a grade B movie when Godzilla attacks. You're either blindly reacting, or you're paralyzed into inaction. Stop reacting, stop sitting on the fence, and start acting.

Take control of information security. Moreover, note that I said information security; computers are one small part of that. You need a comprehensive

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Securing Windows legacy operating systems Run legacy applications with Windows Vista security How to Bypass BIOS Passwords Security concerns of unattended, automatic installations How 'limited' malcode pulled off the year's biggest attack Taking over the domain How to get an attacker out of your network Checklists: Harden access control settings Freeware tool for password tracking and storage Manual vs. automated patch tracking Protect desktop files and folders from inside snoops

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

plan that secures information wherever it resides: on the mainframe; in the Linux Web server; in the Active Directory; on a PDA; in or available through smart phones; and yes, in the hearts and minds of the employees, contractors, partners and customers of your organization.

We know what to do, so let's do it.

Let's change our reactive model of information security to a more proactive one. "Hardened systems are secure systems." By hardened, we mean locked down, secured, and stripped of inessentials. By systems, we mean computers, networks and people. So how do you do this? Write the policy. Engage management in the discussion. Dig out the reference works that tell you how to secure whatever it is you have to secure, and get busy. If you have to, harden one computer at a time. Harden one concept at a time. Harden one person at a time. If you don't have the authority to harden something, find out what you need to do to get the authority. If you don't know what to do, find out. If you're afraid that what you do may cause something to fail, test it. If you are overwhelmed with the sheer size of the project you have set before yourself, get help.

Ultimately, you can't do it alone anyway. Security is everyone's business, and everyone must get involved. As an IT pro, though, it's up to you to start. Above all, mount your hardening, securing campaign in at least two directions: the big picture and the intimate reality of your day-to-day work. Much of the cultural change that we need to make will not come swiftly or easily. It requires planning and commitment. It requires evangelists and disciples, leaders and doers, talkers and strong, silent types. Making security as easy and as pervasive as breathing will not happen overnight. But you can effect significant changes in the security posture and actual security status of your networks right now by doing things that are under your control. What you can do will depend on your authority, but we can all do things that will have an enormous impact.

10 Windows hardening tips in 10 minutes
[ Return to Table of Contents ]

Here are 10 things you can do right now, right this minute, to increase security on your Windows networks. Click on any link for the complete tip.

Click here for book details and author information or purchase the book.