System Hardening

System hardening is the process of reducing a system's attack surface by removing unnecessary software, disabling unused services, applying security patches, configuring security settings, and implementing the principle of least functionality. A hardened system has been stripped down to only what's needed for its specific purpose.

Hardening standards like DISA STIGs (Security Technical Implementation Guides) and CIS Benchmarks provide detailed configuration guides for specific technologies. Following these standards ensures consistent, documented security configurations across your environment.

Why It Matters

System hardening supports multiple CMMC (Cybersecurity Maturity Model Certification) requirements across configuration management, system protection, and access control. Assessors expect to see evidence that your systems are hardened according to defined standards, not running in default configurations.