Patching operating systems is an Essential Eight strategy; hardening the OS itself goes a step further. By default, operating systems are noisy and ship with insecure services enabled. As a rule, disable anything you do not absolutely need, especially legacy services, security protocols, and cipher suites. Use the most recent release of each operating system; vendors constantly improve security. Engage platform experts to help. Consider a Standard Operating Environment for workstations and servers. Consider Virtual Desktop Infrastructure with adequate resources. Remember to harden network devices and mobile devices; they run an OS as well. A consistent, secure environment reduces overhead and risk.
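
One way to check the "disable anything you do not absolutely need" rule against a Standard Operating Environment, shown as an added example that is not part of the original post: compare the services enabled on a host with the SOE's approved list and report the difference. It assumes a Linux host running systemd; the baseline contents and the sample unit listing are constructed for illustration.

```shell
#!/bin/sh
# Added example. The baseline and the sample data below are constructed.

# Hypothetical SOE baseline: the only services this build is meant to run.
SOE_BASELINE="sshd.service chronyd.service rsyslog.service auditd.service"

# Constructed sample of the output of:
#   systemctl list-unit-files --type=service --no-legend
# Columns are UNIT, STATE and (on newer systemd) PRESET.
SAMPLE_UNITS='sshd.service          enabled  enabled
chronyd.service       enabled  enabled
rsyslog.service       enabled  enabled
auditd.service        enabled  enabled
cups.service          enabled  enabled
avahi-daemon.service  enabled  enabled
rpcbind.service       enabled-runtime disabled
bluetooth.service     disabled enabled
getty@.service        static   -'

# Print every enabled unit read from stdin that is absent from the
# baseline passed as $1, one per line, sorted.
audit_enabled_services() {
    awk -v baseline="$1" '
        BEGIN {
            n = split(baseline, b, " ")
            for (i = 1; i <= n; i++) allowed[b[i]] = 1
        }
        # Consider only units enabled to start; disabled, static and
        # masked rows are skipped.
        ($2 == "enabled" || $2 == "enabled-runtime") && !($1 in allowed) {
            print $1
        }
    ' | LC_ALL=C sort
}

# Return 0 when the listing on stdin matches the baseline, 1 on drift.
soe_compliant() {
    [ -z "$(audit_enabled_services "$1")" ]
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_UNITS" | audit_enabled_services "$SOE_BASELINE"
```

On a live host, pipe `systemctl list-unit-files --type=service --no-legend` into `audit_enabled_services "$SOE_BASELINE"`; repeating the check with `--type=socket` covers socket-activated services, which this listing does not show.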
