During the last 4 years, I have participated in many conferences, calls, and visits to customers and business partners to talk about something that no one in IT likes to mention: Server Hardening.
And what is server hardening? From what I learned in these multiple interactions, it is one of the most tedious projects that IT must do and is usually one of the last to get the right attention and, therefore, budget. Until it’s too late.
Let’s look at the full picture: The security area of the company, headed by the #CISO (Chief Information Security Officer) defines the guidelines and best practices of security policies for the company, based on standards and best practices, either by the CIS or by the NIST, and including its own components appropriate for the company. On the other hand, there is also the IT department, which is responsible for the operational part of the technology infrastructure and it must guarantee that it works 24/7/365.
Between these two areas there is often a “no man’s land,” when they should be the most synchronized teams possible, to prevent #cyberattacks, #ransomware, and #malware from causing enormous problems, both economically and to the company’s image.
Because the server hardening project, based on security policy guidelines, is tedious and prone to much inconvenience and uncertainty, it is always set aside. It involves creating a test environment, duplicating the production environment, and trying to recreate each server role so that it complies with the minimum measures considered in the security policies. This is a manually intensive and time-consuming process (some servers have more than 400 parameters), and in most cases it ends up breaking some service, affecting availability and leaving the organization exposed to possible attacks.
What is the solution to this dilemma? It is using the CalCom CHS tool, which automates the #serverhardening process and also constantly monitors it, with an updated view of the security status of each of the servers in the entity, whether there are 150, 1000, 5000, or more servers, physical or virtual, on-premise or in the cloud. It makes the difference of being able to sleep peacefully, knowing that the infrastructure is safeguarded by the synchronized effort of everyone in the organization complying with the security policies recommended for the institution. This is the task of the entire security and technology teams.
Care to know more about server hardening? Please contact me for more information.