What principle should system hardening implement?

The principle that system hardening should implement is centered on "least privilege or access control." This principle advocates for providing users and systems with only the minimum level of access necessary to perform their functions. By adhering to this principle, organizations can significantly reduce their attack surface and limit the potential damage from both internal and external threats.

Implementing least privilege ensures that users have the bare minimum permissions required for their tasks, promoting a more secure environment. This way, if an account is compromised or if a user inadvertently makes a mistake, the potential for harm is minimized, as the attacker or error is restrained by the limited access rights.

In contrast, concepts like maximum access, public access, and open network access would lead to greater security vulnerabilities, as they would allow excessive privileges that could be exploited. By fostering an environment where least privilege is the standard, organizations can bolster their security posture and effectively mitigate risks associated with potential breaches.