Ten Security Tips for System Administrators

  1. Pay attention to security bulletins and apply recommended system and application patches. Also read the manual (RTFM: Read the FINE Manual), the README and other documentation for your system and applications.
  2. Avoid installing packages that will not be used.
  3. Check open or listening network ports and associated programs and disable or remove unwanted and unnecessary services.
  4. Do not log in as root or administrator. Use your own login and switch user (sudo) or "run as" to execute administration commands. Consider disabling root login.
  5. Grant the minimum access to each user and application; provide only the rights required and no more. Do not allow applications to run as root or administrator.
  6. Limit users and do not allow shared accounts. Require strong passwords that must be changed periodically.
  7. Disable administrative users' accounts immediately upon their separation from your unit.
  8. Run operating systems in secure mode if available.
  9. Enable the system firewall and learn to use and tune it.
  10. Maintain a backup and recovery process. Document your recovery plan and test it at least annually.
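
One way to carry out tip 3 on a Linux host, as an added example that is not part of the original list: the script reads `ss -H -tlnp` output and reports every listening TCP port that is not on an approved list, along with whether it is bound to loopback only and which program owns it. The allowlist, the function names and the sample lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example for tip 3: flag listening TCP sockets whose port is not approved.
# Input: lines in the format printed by `ss -H -tlnp` (Linux, iproute2).
# Output: one line per finding: PORT ADDRESS SCOPE PROGRAM

ALLOWED_PORTS="22 443"   # assumption: replace with your site's approved ports

# audit_listeners "<space-separated allowed ports>"  (reads ss lines on stdin)
audit_listeners() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    {
        # The local address is the first field ending in ":<digits>";
        # the peer column of a listener ends in ":*" and never matches.
        laddr = ""
        for (i = 1; i <= NF; i++)
            if ($i ~ /:[0-9]+$/) { laddr = $i; break }
        if (laddr == "") next

        port = laddr; sub(/^.*:/, "", port)
        addr = laddr; sub(/:[0-9]+$/, "", addr)

        # Loopback-only listeners are not reachable from the network.
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "local" : "exposed"

        # First owning program from users:(("name",pid=..,fd=..)); needs root
        # for sockets owned by other users, otherwise the column is empty.
        prog = "unknown"
        if (match($0, /\(\("[^"]+"/)) prog = substr($0, RSTART + 3, RLENGTH - 4)

        if (!(port in ok)) print port, addr, scope, prog
    }'
}

# Constructed sample input so the script runs offline.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=812,fd=3))
LISTEN 0      511        127.0.0.1:6379       0.0.0.0:*    users:(("redis-server",pid=900,fd=6))
LISTEN 0      4096            [::]:111           [::]:*    users:(("rpcbind",pid=640,fd=4),("systemd",pid=1,fd=35))
LISTEN 0      4096                *:443              *:*
EOF
}

sample_ss_output | audit_listeners "$ALLOWED_PORTS"
# On a live host: ss -H -tlnp | audit_listeners "$ALLOWED_PORTS"
```

Each reported line is a candidate for the second half of the tip: confirm the service is needed, and disable or remove it if it is not.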