- Pay attention to security bulletins and apply recommended system and application patches. Also read the manual (RTFM: Read the FINE Manual), Readme files and other documentation for your system and applications.
- Avoid installing packages that will not be used.
- Check open or listening network ports and associated programs and disable or remove unwanted and unnecessary services.
- Do not log in as root or administrator. Use your own login and switch user (sudo) or "run as" to execute administration commands. Consider disabling root login.
- Grant the minimum access to each user and application; provide only the rights required and no more. Do not allow applications to run as root or administrator.
- Limit the number of users and do not allow shared accounts. Require strong passwords that must be changed periodically.
- Disable administrative users' accounts immediately upon their separation from your unit.
- Run operating systems in secure mode if available.
- Enable the system firewall and learn to use and tune it.
- Maintain a backup and recovery process. Document your recovery plan and test it at least annually.
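
The check for open or listening ports and their associated programs can be scripted. The following is an added example, not part of the original checklist: it reads `ss -H -tulpn` output (iproute2) and reports every listener that is not on an approved list. The `ALLOWED` list, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag listening sockets that are not on an approved list.
# ALLOWED is an assumed, site-specific allowlist of proto/port pairs.
ALLOWED="tcp/22 tcp/80"

# Reads `ss -H -tulpn` output on stdin; $1 optionally overrides the allowlist.
# Prints one line per unapproved listener:
#   REVIEW <proto>/<port> <program> <exposed|loopback>
audit_listeners() {
    awk -v allowed="${1:-$ALLOWED}" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    NF >= 5 {
        proto = $1
        addr = $5
        port = addr
        sub(/.*:/, "", port)         # text after the last colon is the port
        sub(/:[^:]*$/, "", addr)     # what remains is the bind address
        key = proto "/" port
        if (key in ok) next
        prog = "unknown"             # process column is empty without root
        if (match($0, /\(\("[^"]+"/))
            prog = substr($0, RSTART + 3, RLENGTH - 4)
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "exposed"
        print "REVIEW", key, prog, scope
    }'
}

# Constructed sample of `ss -H -tulpn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
udp   UNCONN 0 0      0.0.0.0:68    0.0.0.0:*  users:(("dhclient",pid=612,fd=9))
tcp   LISTEN 0 128    0.0.0.0:22    0.0.0.0:*  users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0 4096   127.0.0.1:631 0.0.0.0:*  users:(("cupsd",pid=950,fd=7))
tcp   LISTEN 0 511    [::]:80       [::]:*     users:(("nginx",pid=1200,fd=6))
tcp   LISTEN 0 80     0.0.0.0:3306  0.0.0.0:*
EOF
}

# --live audits this host (run as root to see program names);
# otherwise the constructed sample is audited.
if [ "${1:-}" = "--live" ]; then
    ss -H -tulpn | audit_listeners
else
    sample_ss_output | audit_listeners
fi
```

Each `REVIEW` line is a service to either add to the allowlist deliberately or disable; `exposed` entries are bound to a non-loopback address and deserve attention first.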