diff --git a/debian/sso-server.service b/debian/sso-server.service
index 398826036567462849e116ed9ebe6301e7d20087..6f998261c5ca84b9013e6d245be96efc1578313e 100644
--- a/debian/sso-server.service
+++ b/debian/sso-server.service
@@ -1,6 +1,6 @@
 [Unit]
 Description=SSO Server
-After=auth-server.socket
+After=network.target auth-server.socket
 
 [Service]
 User=sso-server
@@ -9,6 +9,15 @@ EnvironmentFile=-/etc/default/sso-server
 ExecStart=/usr/bin/sso-server --addr $ADDR
 Restart=always
 
+# Hardening
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+
 [Install]
 WantedBy=multi-user.target