Once the SharePoint 2013 has been installed and ready to use for production,you need to guard your server by applying the group policy on AD or below modification on the registry on every server which SharePoint 2013 installed and part of the SharePoint Farm.
Group Policy creation in AD.
Use the below windows powershell,
Set-GPRegistryvalue -Name "Default Domain Policy" -Key " HKey_Local_Machine\software\policies\microsoft\ shared tools\web server extensions\15.0\sharepoint -ValueName "RestrictSP" -Type DWORD -Value 1
Click on Administrative Tools-> Group Policy Management ->expand on your domain.It will list all the "Default Domain Policy,Domain Controller,Group Policy Objects,WMIFilter and Starter GPOs.
Double click on "Default Domain Policy" it will open the html page in right side,bottom the page make sure that "RestrictSP" has been added in the "Extra Registry Setting" like below screen
On successful completion of the cmdlet,go to run->regedit
HKey_Local_Machine\software\policies\microsoft\ shared tools\web server extensions\15.0\sharepoint
Set the value 00000001 for RestrictSP.
Thats all !
Happy Configuring and Installing the SP 2013.