
How to secure your server

01 Oct 10

1. Enable automatic notification of patch availability and install the latest service patches and hot fixes from Microsoft.

Check with your POS vendor whether this is an acceptable practice.

2. Scan for vulnerabilities at least monthly.

This can be achieved by installing a scanning application such as Nexpose from Rapid7 (http://rapid7.com) or by outsourcing to a specialist scanning vendor such as Qualys (http://www.qualys.com).

3. Services, applications and user accounts that are not being utilised should be disabled or uninstalled.

Numerous tools to analyse and tweak running applications and services exist.

4. Use the Internet Connection Firewall or other methods (via software or hardware) to limit connections to the server.

5. Configure event log settings (common methods for Server 2003 & 2008 are available on the web).

Special attention should be given to the security log. 100 MB is a suggested minimum, but high-volume services may require additional storage. Ensure at least 14 days of security logs are available to be able to determine the course of events in the case of an incident.

6. Configure user rights to be as secure as possible.

Every attempt should be made to remove Guest, Everyone, and ANONYMOUS LOGON from the user rights lists.

7. Use full disk encryption to ensure that information resident on stolen/retired servers remains confidential.

PGP (http://www.pgp.com) and TrueCrypt (http://www.truecrypt.org) are popular options.

8. If the machine is not physically secured against unauthorised tampering, set a BIOS/firmware password to prevent alterations in system start-up settings.

9. Configure a screen-saver to lock the screen automatically if the server is left unattended.

10. Disable Remote Desktop connection (RDP) capabilities if you do not intend to maintain your server with this method.
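
One way to check a server against item 5's thresholds (100 MB minimum, 14 days of security logs) is the PowerShell sketch below. It is an added example, not part of the original article; the function name `Test-SecurityLogRetention` is hypothetical, and it assumes Server 2008 or later with PowerShell 3.0+ run from an elevated prompt.

```powershell
# Added example: audit the Security log against the checklist's thresholds.
# Reading the Security log requires administrator rights.
function Test-SecurityLogRetention {
    param(
        [long]$MinSizeBytes = 100MB,   # checklist's suggested minimum size
        [int]$MinDays = 14             # checklist's minimum retention
    )

    $cfg    = Get-WinEvent -ListLog Security -ErrorAction Stop
    $oldest = Get-WinEvent -LogName Security -Oldest -MaxEvents 1 -ErrorAction Stop

    # Days currently covered by the log (oldest record to now).
    $daysOnHand = ((Get-Date) - $oldest.TimeCreated).TotalDays

    # Average growth so far, then how many days fit at the configured maximum.
    # A log that has not wrapped yet may cover fewer than $MinDays only because
    # it is new or was cleared, so the projection is what gets compared.
    $bytesPerDay   = if ($daysOnHand -gt 0) { $cfg.FileSize / $daysOnHand } else { 0 }
    $projectedDays = if ($bytesPerDay -gt 0) { $cfg.MaximumSizeInBytes / $bytesPerDay }
                     else { [double]::PositiveInfinity }

    # Size needed to hold $MinDays at the observed rate, never below the
    # minimum, rounded up to a 64 KB multiple.
    $neededBytes = [math]::Max($MinSizeBytes, $bytesPerDay * $MinDays)
    $neededBytes = [math]::Ceiling($neededBytes / 64KB) * 64KB

    [pscustomobject]@{
        LogMode         = $cfg.LogMode   # Circular overwrites oldest; Retain stops when full
        MaxSizeMB       = [math]::Round($cfg.MaximumSizeInBytes / 1MB, 1)
        SizeOk          = $cfg.MaximumSizeInBytes -ge $MinSizeBytes
        OldestEvent     = $oldest.TimeCreated
        DaysOnHand      = [math]::Round($daysOnHand, 1)
        ProjectedDays   = [math]::Round($projectedDays, 1)
        RetentionOk     = $projectedDays -ge $MinDays
        SuggestedBytes  = [long]$neededBytes
    }
}

Test-SecurityLogRetention | Format-List

# To raise the limit to the 100 MB minimum (value is in bytes):
#   wevtutil sl Security /ms:104857600
```

On a high-volume server, `SuggestedBytes` shows how far above the 100 MB minimum the log must be sized to keep 14 days at the observed event rate.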

* For more advice about office computer security, see the November issue of Start-Up, on sale now.
