Sitecore recommends that you follow all the security hardening instructions described in our documentation. In addition, the way you implement your Sitecore solution has a significant effect on the security of your website and it might require additional security-related coding and configuration.
Sitecore is not responsible for the security of any other software products that you use with your website. We strongly recommend that you install every available service pack and update for all of the software products that you use. We also strongly recommend that you secure third-party software from being accessible to non-trusted network traffic.
To ensure a complete security hardening of your Sitecore installation, you can go through all the security tasks one by one. Alternatively, you can complete the security tasks on a role by role basis:
Securing your Sitecore installation is important, but it is equally important to keep Microsoft Windows updated and maintain a disaster recovery plan.