Securing Resources

Lesson 3: Operating system security
Objective: Key requirements for securing your operating system.

Operating System Security and Securing Resources

Regardless of what operating system is running (UNIX, Windows Server 2019, Ubuntu, etc.), you will have security-related problems. Because specific problem areas appear and disappear with operating system upgrades, an operating system change requires reevaluation of your security policy and assessment of new vulnerabilities.
  • Securing Resources with strong passwords: If a hacker obtains a valid user account and the corresponding password, he or she can bypass security mechanisms and access any resource to which the user account has been granted permission. The risk of this threat is greatly reduced by implementing proper operating system policies that enforce user-defined parameters and actions. Policies can help a user work securely, primarily because they force users to make wise choices.

Operating System Policies

Define operating system policies along with service security policies. Examine each system in your network on a user-by-user basis to see if any contain excessive access privileges. The table below lists the key areas for securing your operating system.

Operating system area: Security implementation
Users and groups:
  • Assign the lowest level of access for each user or group that allows them to perform their jobs
  • Carefully examine any default accounts and remove, reset, or rename them as appropriate
  • Create special accounts for public servers that access resources through the operating system
File system:
  • Tightly secure individual directories and programs on your system
  • Partition the physical disk on a program or functional needs basis
  • Restrict a service or daemon's access to only a specific partition
System defaults:
  • Change all default settings
  • Locate support accounts (created by the manufacturer for system access in case of a problem)
Bugs (known vulnerabilities):
  • Contact the operating system vendor for known problems when loading an operating system for the first time or upgrading an existing one
  • Monitor your operating system vendor's website to keep abreast of security problems
  • Obtain patches, fixes, and workarounds for problems as they arise
Remove unnecessary system services:
  • Remove any operating system service that you do not specifically require
Operating system specific areas:
  • Implement security measures that are operating system specific, such as:
      • Securing the registry in Windows NT
      • Enabling shadow passwords in UNIX systems
Policies:
  • Ensure that you have established operating system policies, such as minimum password length, maximum password age, restricted logins, and so on.
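
As an added example (not part of the original lesson), the following Python code checks two rows of the table above, shadow passwords and the password length and age policies, against the contents of passwd, shadow and login.defs. The file contents are constructed samples, the thresholds of 90 days and 12 characters are assumptions, and the file formats assumed are those of Linux shadow-utils.

```python
# Assumed thresholds: the page names these policies but sets no values.
MAX_AGE_DAYS, MIN_LENGTH = 90, 12
# Constructed sample file contents, not taken from a real host.
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
legacy:CONSTRUCTEDHASH:1001:1001:Legacy:/home/legacy:/bin/sh
guest::1002:1002:Guest:/home/guest:/bin/sh
"""
SHADOW = """root:$6$CONSTRUCTED$HASH:19700:0:90:7:::
alice:$6$CONSTRUCTED$HASH:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
"""
LOGIN_DEFS = """PASS_MAX_DAYS 99999
PASS_MIN_LEN 5
"""

def rows(text, sep=None):
    """Split each non-blank, non-comment line into fields."""
    lines = (l.strip() for l in text.splitlines())
    return [l.split(sep) for l in lines if l and not l.startswith("#")]

def audit_passwd(text):
    """Flag passwd entries whose password field is not a shadow placeholder."""
    out = []
    for f in rows(text, ":"):
        if len(f) > 1 and f[1] not in ("x", "*", "!"):
            out.append((f[0], "hash in passwd" if f[1] else "empty password"))
    return out

def audit_shadow(text, max_age=MAX_AGE_DAYS):
    """Flag unlocked accounts whose maximum password age is unset or too long."""
    out = []
    for f in rows(text, ":"):
        if len(f) < 5 or f[1].startswith(("!", "*")):
            continue  # malformed line or locked account
        if not f[4].isdigit() or int(f[4]) > max_age:
            out.append((f[0], "max age " + (f[4] or "unset")))
    return out

def audit_login_defs(text, max_age=MAX_AGE_DAYS, min_len=MIN_LENGTH):
    """Flag login.defs password defaults that are missing or weaker than policy."""
    conf = {f[0]: f[1] for f in rows(text) if len(f) >= 2}
    limits = {"PASS_MAX_DAYS": lambda v: v > max_age,
              "PASS_MIN_LEN": lambda v: v < min_len}
    return [(k, conf.get(k, "unset")) for k, weak in limits.items()
            if not conf.get(k, "").isdigit() or weak(int(conf[k]))]

if __name__ == "__main__":
    print(audit_passwd(PASSWD) + audit_shadow(SHADOW) + audit_login_defs(LOGIN_DEFS))
```

The login.defs values only set defaults for newly created accounts, which is why the per-account ages in shadow are checked separately. On PAM-based distributions, minimum length is enforced by the PAM password module rather than by PASS_MIN_LEN.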

Removing Services

Most organizations omit the simple solution of removing unnecessary services that might create an unintentional back door. For example, if you are using Internet Information Server on Windows NT, do not leave the NT server service running. Doing so creates a security hazard and invites unneeded risk. Your operating system is the central element of your network. If you secure it, you will be able to enhance and complement other security systems.
