Patching Operating Systems is an Essential Eight strategy; hardening the OS itself goes a step further. Operating Systems, by default, are noisy and have insecure services enabled. As a rule, disable anything you do not absolutely need, especially legacy services, security protocols, and cipher suites. Use the most recent release of Operating Systems; vendors constantly improve security. Engage platform experts to help. Consider a Standard Operating Environment for workstations and servers. Consider Virtual Desktop Infrastructure with adequate resources. Remember to harden network devices and mobile devices; they have an OS as well. A consistent, secure environment reduces overhead and risk.