It means going through the system and making it hard for anyone to do anything.
For example, if you have a system disk and a user disk, and users aren't allowed to install software, you mount the user disk noexec (no execute). If users aren't allowed to write their own software, you remove all the compilers. If they aren't allowed to use Bluetooth or WiFi, you remove the wireless drivers. If they are only allowed to login with SSH, you remove the ftp server. If they must use PKI keys or certificates , you disable passwords.
Doing too much of that makes the system non-standard and impossible to easily update or maintain.
It used to be more popular, but modern systems have much better defaults (services being off unless turned on) and more privilege dropping (services running non-privileged in their own user accounts, and/or chrooted, instead of all running as root like 20 years ago when you could run a scanner across the Internet and find thousands of vulnerable DNS servers that gave you immediate root access.
It is a total fallacy that Unix is secure and hard to hack. The single administrator account model is outdated and a security weakpoint. Windows 95 was totally insecure due to having no privilege separation, but NT did and Vista enforced it, so once all the legacy Windows apps and XP admin-only systems have died things will be on a more equal footing. Except that Windows is a bigger target for malware writers as it has a much larger installed base, less educated users, and a more consistent API - if you write a virus for Vista, it will probably run on Windows 7, but if you write one for Ubuntu 10 it probably won't work on Fedora 14 or FreeBSD or OpenSolaris.