Review: “Confessions of a security pro: I was wrong about host hardening”
Mansoor A., MBA
Summary of the Article
In this article the author discusses host hardening, that is, securing a computer beyond the default security features that ship with the operating system. The author has advocated this practice for more than twenty years and has written several books and articles of advice on it. He now concludes that securing Windows beyond what Microsoft recommends makes little difference. Nearly every operating-system vendor now ships stronger default security, and their products come with built-in malware protection. In his view, circumstances have changed enough that host hardening has become a less effective, and sometimes even a harmful, measure.
Recapitulating the author's viewpoint: there is hardly a successful cyber-attack that happened merely because an individual or a company did not strengthen its security beyond what the OS vendor suggests.
Attacks instead succeed because users do not make full use of the defaults. Measures such as leaving IPv6 in its shipped configuration, operating under the principle of least privilege, using strong passwords, securing the router, enabling the host firewall, running Windows Defender Antivirus, turning off default features that are not needed, removing superfluous software, applying the vendor's updates and patches, and being cautious with email attachments and untrusted links shield computers from attack far better than host hardening can (“Security Tip (ST15-003)”).
My Insights about the Article
The article compares and contrasts Windows' defaults with host hardening as means of securing a computer. The author states that times have changed, and with them the appropriate security measures.
The practice of host hardening has lost ground with the passage of time, particularly since IPv6 became a standard part of operating systems. After years of preaching host hardening, the author has conceded that the practice cannot beat the defaults.
The author discusses a few of the many default security features. He emphasizes working as a standard (non-administrator) user, since malware that runs with only standard privileges cannot change system-wide settings. It is recommended to elevate to full privileges only when a task truly requires it, e.g. installing or removing a program. Another practical measure against malware infections is uninstalling any superfluous programs and turning off unneeded services that are enabled by default. This reduces the attack surface and makes an intruder's job harder.
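To make the preceding points concrete, the following PowerShell script is an added example, written for this review and not taken from the reviewed article or from Microsoft, that audits a Windows 10/11 host for the vendor defaults discussed above: running as a standard user, Defender real-time protection and fresh signatures, all firewall profiles enabled, IPv6 untouched, no needless auto-start third-party services, and recent updates. It assumes PowerShell 5.1 or later with the built-in Defender and NetSecurity modules present (Get-MpComputerStatus fails on a host where Defender has been replaced by another product); the function name Test-VendorDefaults, the 7-day and 60-day thresholds, and the wording of the findings are this example's own choices.

```powershell
# Added example (not from the reviewed article or this review): report where a
# Windows host has drifted away from the vendor defaults ST15-003 recommends.
# Assumptions: PowerShell 5.1+, Windows 10/11, Defender and NetSecurity modules
# available. Function name and thresholds are invented for this example.

function Test-VendorDefaults {
    $findings = [System.Collections.Generic.List[string]]::new()

    # 1. Least privilege: is this everyday session running as an administrator?
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]::new($identity)
    if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        $findings.Add("Session is elevated; work as a standard user and elevate only to install or remove software.")
    }

    # 2. Windows Defender Antivirus: real-time protection on, signatures not stale.
    $mp = Get-MpComputerStatus
    if (-not $mp.RealTimeProtectionEnabled) {
        $findings.Add("Defender real-time protection is disabled.")
    }
    if ($mp.AntivirusSignatureLastUpdated -lt (Get-Date).AddDays(-7)) {
        $findings.Add("Defender signatures were last updated $($mp.AntivirusSignatureLastUpdated); older than 7 days.")
    }

    # 3. Host firewall: every profile (Domain, Private, Public) should be enabled.
    foreach ($p in Get-NetFirewallProfile) {
        if (-not $p.Enabled) {
            $findings.Add("Firewall profile '$($p.Name)' is disabled.")
        }
    }

    # 4. IPv6 left at the vendor default: a non-zero DisabledComponents value means the
    #    classic "disable IPv6" hardening step was applied, which Microsoft advises against.
    $tcpip6 = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters' `
                               -Name DisabledComponents -ErrorAction SilentlyContinue
    if ($tcpip6 -and $tcpip6.DisabledComponents -ne 0) {
        $findings.Add("IPv6 has been altered (DisabledComponents = $($tcpip6.DisabledComponents)); restore the default.")
    }

    # 5. Superfluous software: auto-start services whose binary lives outside the
    #    Windows directory are candidates for removal if nobody needs them.
    $thirdParty = Get-CimInstance Win32_Service |
        Where-Object { $_.StartMode -eq 'Auto' -and $_.PathName -and $_.PathName -notmatch '\\Windows\\' }
    foreach ($s in $thirdParty) {
        $findings.Add("Auto-start non-Windows service '$($s.Name)': $($s.PathName)")
    }

    # 6. Updates: warn if nothing has been installed in the last 60 days.
    $lastFix = Get-HotFix | Where-Object InstalledOn | Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $lastFix -or $lastFix.InstalledOn -lt (Get-Date).AddDays(-60)) {
        $findings.Add("No update installed in the last 60 days; check Windows Update.")
    }

    return $findings
}

$results = Test-VendorDefaults
if ($results.Count -eq 0) { "All checked defaults are in place." } else { $results }
```

Run it from the account used for daily work, not from an already elevated shell, or the first check will always fire. Every check here reports drift from a shipped default rather than applying a new control, which is exactly the distinction the reviewed article draws: the script tells you where a host has been "hardened" or neglected away from what the vendor intended.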
The main takeaway for me is the time factor. Because of heightened competition, software vendors now keep abreast of customer needs and demands, and information security is one of them. This is why OS vendors now ship stronger security with their products. Second, I believe complacency leads nowhere. Individuals and organizations alike need to fully exploit the built-in default security, and then they will need to do little else to stay safe. It comes down to strictly adhering to the vendor's recommendations.
On the other hand, I believe that the more advanced technology becomes, even in its security features, the more vulnerable it is to cyber-attack. In fact, progressive technologies, enhanced security features included, have themselves paved the way for cybercrime, malware, and scams. Today, cyber thieves outsmart the expert custodians of the latest technologies. Security specialists now have to cope with the risks posed by cloud computing, wireless technologies, and the other concepts that the internet has brought about.
Last but not least, external threats (i.e. cyber-attacks) are generally handled more seriously than internal ones. However, the latter tend to be costlier, as they may go undetected for a long time.
Therefore, I recommend that everyone take responsibility, keep to the vendor's instructions, strengthen their internal security, and ultimately STAY SAFE!
Reference
Security Tip (ST15-003). (n.d.). Retrieved from https://www.us-cert.gov/ncas/tips/ST15-003