How much system hardening should you do?

System hardening is the process of improving security defenses of desktop and servers. It is usually time-consuming, so let's decide when enough is enough.


When it comes to Linux system hardening there is a lot to do. From the almost book-like CIS benchmarks to following best practices found all over the web. Recently someone new to the field of information security asked me a simple, yet important questions: how much system hardening should you be doing? When is it enough? Since there was no easy answer, I have written down my thoughts to help others in the future.