Actually, not all of the steps are only about security. Some of them are just nice to have checked before going into production.
Let us dive in:
- Check dmesg output: Make sure the kernel recognizes all hardware correctly and that the log does not show any nasty errors.
- Check filesystem sizes and free space: Are any sizes alarmingly small with respect to the system you are going to be running?
- Set up clock synchronization
- Turn off unused services: Like cupsd, nfs, alsasound, ...
- Uninstall unused software: Start with the software behind the services you turned off above, but don't stop there.
- Firewall it: Consider installing a firewall on the host itself.
- Restrict access: Make sure access protocols are limited to ssh/sftp. Also, consider locking down sshd to only some IPs, etc.
- Cut down on running processes: Check the running processes and consider whether any of them are unimportant to your system. If so, turn them off.
- Cut down on open ports: Use netstat and possibly a port scanner to check open ports. Have you closed all but the necessary ones?
- Security updates: Create a procedure (manual or automatic) to apply security updates to the system at regular intervals.
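
The open-ports check above can be made repeatable by comparing netstat output against an allowlist. The script below is an added example, not part of the original checklist: the function names, the allowlist policy (ssh and NTP only) and the sample netstat output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original checklist): flag listening sockets
# that are not on an allowlist of proto/port pairs such as tcp/22.

# Constructed sample of `netstat -tuln` output so the script runs offline.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 :::2049                 :::*                    LISTEN
udp        0      0 0.0.0.0:123             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
EOF
}

# Reads `netstat -tuln` output on stdin; arguments are the allowed proto/port
# pairs. Prints "proto/port bind-address scope" for every other listener.
unexpected_listeners() {
    awk -v allowed=" $* " '
        $1 ~ /^(tcp|udp)/ {
            proto = $1; sub(/6$/, "", proto)     # fold tcp6/udp6 into tcp/udp
            if (proto == "tcp" && $6 != "LISTEN") next
            addr = $4
            port = addr; sub(/.*:/, "", port)    # text after the last colon
            sub(/:[^:]*$/, "", addr)             # bind address without the port
            key = proto "/" port
            if (index(allowed, " " key " ")) next
            # Loopback listeners are not reachable from the network
            scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "network"
            print key, addr, scope
        }
    ' | LC_ALL=C sort -u
}

# Assumed policy for this example: only ssh (tcp/22) and NTP (udp/123).
# On a live host: netstat -tuln | unexpected_listeners tcp/22 udp/123
sample_netstat | unexpected_listeners tcp/22 udp/123
```

On the sample input this reports the NFS (2049), rpcbind (111) and cupsd (631) listeners, which ties the open-ports check back to the unused services to turn off.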