ABSTRACT
In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of their size or sector of activity, are now the target of advanced persistent threats. The Work 2035 study also revealed that cyber crimes (such as critical infrastructure hacks) and massive data breaches are major sources of concern. Thus, it is important for organizations to guarantee a minimum level of security to avoid potential attacks that can cause paralysis of systems, loss of sensitive data, exposure to blackmail, damage to reputation or even a commercial harm. To do this, among other means, hardening is used, the main objective of which is to reduce the attack surface within a company. The execution of the hardening configurations as well as the verification of these are carried out on the servers and network equipment with the aim of reducing the number of openings present by keeping only those which are necessary for proper operation. However, nowadays, in many companies, these tasks are done manually. As a result, the execution and verification of hardening configurations are very often subject to potential errors but also highly consuming human and financial resources. The problem is that it is essential for operators to maintain an optimal level of security while minimizing costs, hence the interest in automating hardening processes and verifying the hardening of servers and network equipment. It is in this logic that we propose within the framework of this work the reinforcement of the security of the information systems (IS) by the automation of the mechanisms of hardening. In our work, we have, on the one hand, set up a hardening procedure in accordance with international security standards for servers, routers and switches and, on the other hand, designed and produced a functional application which makes it possible to: 1) Realise the configuration of the hardening; 2) Verify them; 3) Correct the non conformities; 4) Write and send by mail a verification report for the configurations; 5) And finally update the procedures of hardening. Our web application thus created allows in less than fifteen (15) minutes actions that previously took at least five (5) hours of time. This allows supervised network operators to save time and money, but also to improve their security standards in line with international standards.