Server Security

To maintain the security of servers (or any device) connected to the network, run the latest version, keep patches up to date, and confirm that the device is properly configured before connecting it to the network. Insufficient configuration controls can lead to security and availability exposures that may permit unauthorized access to systems and data. Manage server configurations by hardening each server according to industry best practices for its server type to eliminate security holes. Common configuration mistakes include:

  1. Leaving default settings on deployed servers.
  2. Leaving unnecessary services activated.
  3. Leaving default passwords on deployed servers.
  4. Building too many security roadblocks into the patch remediation path.

The SANS Institute (SysAdmin, Audit, Network, Security) has defined the following “quick wins” as the quickest way to address configuration issues when creating secure systems:

  • Create a secure system image
    • Document security settings
    • Approved by change control board
    • Registered with central image library
    • Update image based on new threats
    • Validate integrity of master image
    • Remove unnecessary accounts and services
  • Manage image
    • Properly validate and secure images
    • Negotiate contracts to have image preloaded
    • Complement existing security devices
    • Document any deviations
  • Assessment programs
    • Validate number of systems properly configured
    • Provide compliance charts to executives
    • Track measurable improvements
    • Re-image compromised systems
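
One way to automate several of the quick wins above: validating image integrity, finding unnecessary accounts and services, honoring documented deviations, and counting properly configured systems. This is an added example, not SANS material; the baseline, host names, inventory fields and waiver list are all constructed assumptions.

```python
import hashlib

# Constructed baseline standing in for a master image's documented settings.
BASELINE = {
    "services": {"sshd", "chronyd", "rsyslog"},
    "accounts": {"root", "svc_backup"},
    "waivers": {"web02": {"service:nginx"}},  # documented, approved deviations
}

def image_digest(image_bytes):
    """SHA-256 of an image, as recorded in the central image library."""
    return hashlib.sha256(image_bytes).hexdigest()

def audit_host(host, baseline, expected_digest):
    """Return the sorted, undocumented deviations for one host."""
    found = set()
    if host["image_sha256"] != expected_digest:
        found.add("image:digest-mismatch")
    found |= {f"service:{s}" for s in host["services"] - baseline["services"]}
    found |= {f"account:{a}" for a in host["accounts"] - baseline["accounts"]}
    if host["default_password"]:
        found.add("password:default")
    return sorted(found - baseline["waivers"].get(host["name"], set()))

def compliance_report(hosts, baseline, expected_digest):
    """Per-host deviations plus the percentage of hosts with none."""
    results = {h["name"]: audit_host(h, baseline, expected_digest) for h in hosts}
    clean = sum(1 for devs in results.values() if not devs)
    percent = round(100.0 * clean / len(hosts), 1) if hosts else 0.0
    return results, percent

# Constructed sample inventory (not real hosts).
EXPECTED = image_digest(b"constructed-master-image-v1")
OK_SVC, OK_ACCT = BASELINE["services"], BASELINE["accounts"]
HOSTS = [
    {"name": "web01", "image_sha256": EXPECTED, "services": set(OK_SVC),
     "accounts": set(OK_ACCT), "default_password": False},
    {"name": "web02", "image_sha256": EXPECTED, "services": OK_SVC | {"nginx"},
     "accounts": set(OK_ACCT), "default_password": False},
    {"name": "db01", "image_sha256": image_digest(b"modified-image"),
     "services": {"sshd", "telnetd"}, "accounts": {"root", "guest"},
     "default_password": True},
]

if __name__ == "__main__":
    results, percent = compliance_report(HOSTS, BASELINE, EXPECTED)
    for name, devs in results.items():
        print(name, "OK" if not devs else "DEVIATIONS: " + ", ".join(devs))
    print(f"{percent}% of systems properly configured")
```

The per-host deviation list is the input for remediation or re-imaging, and the percentage is the figure to track over time in compliance charts.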