Cyber Security is something nobody can afford to ignore anymore. Hacks and data breaches regularly affect organizations of all sizes. Often these incidents are significant enough to make the front pages, causing irreparable reputational damage to the organizations involved.
Keeping today’s digital assets available 24/7 requires more and more knowledge of the data flows and the infrastructure involved along the way. Insight into which assets are critical to the organization, and how to protect them effectively, is key in cyber security nowadays. A good starting point is hardening the key infrastructure components.
Hardening
Hardening is about securing the infrastructure against attacks, by reducing its attack surface and thus eliminating as many risks as possible. One of the main measures in hardening is removing all non-essential software programs and utilities from the deployed components.
While these programs may offer useful features to the administrator, if they provide ‘back-door’ access to the system, they must be removed during the hardening process.
Creating visibility into what goes on in the infrastructure is also part of hardening it: making sure you will notice when an attack is taking place or has taken place, and making sure logs and traces are preserved so that law enforcement and security specialists can use them when needed.
Plan Countermeasures
Protecting your infrastructure successfully is all about understanding the current attack vectors: what you are protecting your infrastructure against, and from whom. Knowing what and whom you are protecting against makes it easier to take the correct countermeasures.
One of those key countermeasures is Hardening.
Hardening series
I will dive deeper into the different attack vectors and the steps you could take to harden at every level. Let’s dive into the infrastructure and approach it as a hacker would, from the outside all the way up to the running application. I will use Veeam Backup & Replication as the example application. The following topics will be addressed in this blog series about hardening:
- Physical Security
- Hardware Security
- Infrastructure Security
- Segmentation
- Security Domains
- Firewalls
- Time
- VM Security
- Segregation of Duties
- Encryption
- Multi-Factor Authentication
- TBD