These guidelines and tools are provided to help you securely manage servers and databases that access or maintain sensitive university data. Remember that you are also expected to meet the requirements outlined in Minimum Information Security Requirements for Systems, Applications, and Data.
If you follow the guidance of the CIS-CAT tool and the expectations outlined in the hardening guides, your IT systems will be more resistant to vulnerabilities and threats than systems that have not been secured accordingly.
CIS-CAT for U-M Systems
Information Assurance (IA) recommends that you begin the process of hardening university servers, workstations, or databases by running the Center for Internet Security's Configuration Assessment Tool—CIS-CAT. The tool will scan your system, compare it to a preset benchmark, and then generate a report to help guide further hardening efforts. See CIS-CAT for U-M Systems to get started with the UM-specific version provided by IA.
Group Policy Resources for IT Security
IA provides a collection of Windows Group Policies as a starting point for securing Windows computers, as well as Active Directory user accounts. They may be helpful in meeting the IA-recommended CIS-CAT score of 80% and/or the expectations listed in the Minimum Information Security Requirements for Systems, Applications, and Data. See Group Policy Resources for IT Security for instructions and best practices on using the sample policies.
Hardening Guides for Servers and Databases
The hardening guides are designed to protect the confidentiality, integrity, and availability of your systems as well as the services and data stored, processed, or accessed by those systems. Included in the server and database hardening guides are minimum expectations for configuration and management, access and accounts, system monitoring, network connections, and additional hardening steps to consider for your systems.