
The Four "P"s of System Security


 


General Steps to Increase System Security

  1. Preparation: The first step is to understand security by doing research and then use that knowledge to plan your defense.
  2. Planning: Security is an ongoing process, not just something you do once. Planning should be continual. Any security plan is only as good as its weakest point. After an attacker breaches a single point of defense, the other points become easier to breach. The security plan should also include training, auditing, and so on. It should also include steps to report and repair hosts after a breach. The quicker a breach is caught and corrected, the less time an attacker has to compromise other systems.
  3. Prevention: It is much easier to prevent an attack than to recover from one. One can use multiple strategies to accomplish prevention:

    Encryption
    System hardening
    Password hardening
    Physical security
    Monitoring for unsuccessful attack patterns
    Vetting and verification of identity
    Patching
    System probing

  4. Postvention: This is just a fancy term for learning from your mistakes. Looking for signatures of a successful attack, notifying authorities, closing a discovered vulnerability, and fixing the affected systems are examples of postvention. Monitoring for breaches is very important. Some common monitoring tools are Chkrootkit, Tripwire, and Logwatch.
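The difference between monitoring for unsuccessful attack patterns (prevention) and looking for signatures of a successful attack (postvention) can be shown on SSH authentication logs. This is an added example, not code from the original post: the log lines are constructed, and the `triage` function and its threshold of three failures are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH syslog format (not from a real host).
SAMPLE_LOG = """\
Mar  3 02:11:01 web1 sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 50112 ssh2
Mar  3 02:11:04 web1 sshd[4101]: Failed password for root from 203.0.113.7 port 50114 ssh2
Mar  3 02:11:09 web1 sshd[4103]: Failed password for root from 203.0.113.7 port 50120 ssh2
Mar  3 02:11:15 web1 sshd[4105]: Accepted password for root from 203.0.113.7 port 50131 ssh2
Mar  3 08:30:44 web1 sshd[5220]: Failed password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 08:30:52 web1 sshd[5220]: Accepted password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 09:02:10 web1 sshd[5302]: Failed password for invalid user test from 192.0.2.55 port 33810 ssh2
Mar  3 09:02:12 web1 sshd[5302]: Failed password for invalid user guest from 192.0.2.55 port 33812 ssh2
Mar  3 09:02:15 web1 sshd[5304]: Failed password for invalid user oracle from 192.0.2.55 port 33817 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def triage(log_text, threshold=3):
    """Classify source IPs by failed-login behaviour.

    Returns (probing, suspected_breach):
      probing          - IPs with >= threshold failures and no success
      suspected_breach - IPs whose success followed >= threshold failures
    """
    failures = defaultdict(int)
    breach = {}
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            # Success after a run of failures: treat as possible compromise.
            breach.setdefault(ip, m["user"])
    probing = sorted(ip for ip, n in failures.items()
                     if n >= threshold and ip not in breach)
    return probing, breach

if __name__ == "__main__":
    probing, breach = triage(SAMPLE_LOG)
    print("probing:", probing)
    print("suspected breach:", breach)
```

A source in the first list is a candidate for blocking; a source in the second calls for the report-and-repair steps from the security plan.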
