Medium Article - IT & Computing
Source: https://www.csoonline.com/article/2624054/confessions-of-a-security-pro--i-was-wrong-about-host-hardening.html
Microsoft recommends is not that significant. Almost every company dealing in system
software now has stronger security features, and their products come with built-in malware
defenders. He is of the opinion that certain things have changed now, rendering host
Recapitulating the author’s viewpoint, few cyber-attacks can be said to have succeeded
merely because an individual or a company did not take measures to strengthen its security
beyond what the OS vendor suggests. Attacks originate instead from users not making full use
of the default features. Defaults and basic practices such as IPv6, the least privilege
principle, strong passwords, a secured router, a robust firewall, Windows Defender Antivirus,
modifying settings that are no longer needed, removing extra software, applying the vendor’s
updates and patches, and caution with email attachments and untrusted links shield computers
from attacks far better than host hardening can ("Security Tip (ST15-003)").
The article compares and contrasts the Windows defaults and host hardening as means of
computer security. The author states that times have changed, and with them the means and
measures of security. The practice of host hardening has been undermined with the passage of
time, especially after IPv6 was published. After a number of years of preaching host
hardening, the author has surrendered and realized that the defaults can’t be beaten by the
practice. The author discusses a few of the many default security features. He emphasizes
working in restricted mode, as malicious software can only do harm if the user has relaxed
system settings. It is recommended to operate with full privileges only when one desperately
needs them, e.g. when adding or removing a program. Another handy tip that can help fight
malware infections is uninstalling any superfluous programs and turning off redundant
services enabled by default. This is going to defend the user from suspicious
The main takeaway for me is that of the time factor. Due to the heightened competition, the
vendors selling computer programs now keep abreast of customer needs and demands, i.e.
information security. This is the reason why OS vendors now have stronger security
accompanying their products. Second, I believe complacency will lead to nothing. Individuals
and organizations, as users, both need to fully exploit the built-in default security
available, and they’ll need to do nothing else to stay safe. It is just about strictly
adhering to the vendor recommendations.
The other way around, I believe, the more technology advances in terms of security, the more
vulnerable it becomes to cyber-attacks. In fact, the progressive technologies in the form of
enhanced security features themselves have paved the way for cybercrimes, malware, and
scams. Today, cyber thieves outsmart the expert custodians of the latest technologies.
Security specialists, today, have to cope with risks posed by cloud computing, wireless
technologies, and other related concepts begotten by the world of the internet.
Last but not least, external threats (i.e. cyber-attacks) are generally handled more
seriously than internal ones. However, the latter tend to be costlier as they may remain
mysterious for a long time. Therefore, I’d recommend that everyone feel responsible, keep to
the vendor instructions, and get strengthened internally, and eventually STAY SAFE!
Reference