IT Security is Like an Onion – IT Security Basics – Part 2: Server Security

In Part 1 I discussed securing your network perimeter. But as I said in the beginning, IT security is like an onion. Let’s take a look at the next layer of that onion… securing your server environment. Again, this is not meant to be a complete list, but instead a starting point to help you think through your own IT security strategy.

Physically secure your equipment. By physical security I mean making sure your data is secured by securing the devices which store and transmit it. In short, make sure your servers and network equipment aren’t accessible by just anyone. In a best case scenario, the server and network equipment is in a locked rack. Each server has a front bezel which is locked, preventing the removal of hard drives. The room containing the servers and other equipment is also locked and secured from other users. Only a short list of authorized personnel should have any physical access to the server’s room and rack. In larger organizations it is not uncommon for network administrators to never physically touch the servers they administer. In many smaller organizations it is very difficult to physically secure their server from unauthorized access or theft. If your organization doesn’t have this ability, then hosted servers or cloud computing may be a good option. 

Operating Systems become obsolete quickly. Not only do new features come out all the time, but new security functionality is added with each new version of an operating system. For example, Windows 2008 R2 is by far more secure than Windows 2003. It is far less vulnerable to malware attacks, and has a much more sophisticated software firewall built in. There are also additional security features built right into Windows to help ensure that only authorized applications run on the system. It is also important to regularly install updates and service packs to your operating system to resolve any security holes, or add new features. 

New hardware for PCs and Servers can help improve your IT security through architecture changes, and feature upgrades. An example of this is some of the new security functionality built right into the new CPUs from Intel and AMD. This helps protect your system from ever getting infected by malware. These days many organizations are replacing PCs every 3 years to help ensure a higher level of security, increase uptime, and end-user productivity. 

When the unthinkable happens do you have a data backup & disaster recovery plan? If not, get moving! What are you backing up? Where are you backing this up to? Are you doing off-site backup or online backup? Are your backup tapes secure and being archived for 2-7 years? What do you do when an end-user deletes an email? What do you do when your 8 year old critical server’s motherboard fries, and there are no replacement parts on the way? Are you using an online backup strategy? If so, is data encrypted before being transmitted? What is your procedure when a massive attack infects most (or all) of your servers? What is your plan? If you don’t have an answer to all of these, don’t feel bad. This is something which is commonly overlooked. 

Network Access Protection can prevent “unhealthy” systems from gaining network access or limiting access by configuring a series of policies. If a system does not meet the compliance requirements, there is a mechanism for bringing that system back into compliance. Once the system is in compliance the level of network access can be increased. 

Periodic Health & Security Audits should be run on a regular basis to help ensure your network security is configured they way you think it is. Here is a short list of things to look for:

  • Periodically look for old user accounts (should be disabled or deleted)
  • Check for outdated Firewall Rules which are no longer needed
  • User access & folder level security – Do VPN users only have access to the proper servers? Do AD users have access to folders they shouldn’t?
  • Latest service packs and patches – Make sure all servers, server software (SQL, Exchange, etc…), and workstations have the latest service packs and security updates installed. Also check for updates for client software such as Flash player, Acrobat Reader, and Office.
  • Check, test, & update anti-virus and anti-malware protection on all workstations and servers.

Permanent link to this article:

Leave a Reply

Your email address will not be published.