Risk Assessment and Risk Mitigation Control
There are several different types of controls that you can take advantage of for securing your servers. Below are official guidelines from the National Institute of Standards and Technology (NIST).
Securing the Server Operating System
This is extremely important. If an OS has a known vulnerability and is not patched, it could lead to many problems. Once an OS is installed, applying the needed patches or upgrades to correct known vulnerabilities is essential. Any known vulnerabilities an OS has should be corrected before using it to host a server or otherwise exposing it to malicious users. Below are some ways to harden the server OS.
Remove unnecessary services, applications, and network protocols to reduce exposure to exploits against software you are not using.
Configure OS user authentication to minimize unwanted intrusion.
Configure resource controls appropriately to ensure that information goes only to those it should go to.
Securely Installing Server Software
This is a lot like hardening the OS, in that you are making sure the software stays up to date so that known exploits are addressed. Any unnecessary applications, services, or scripts that are installed should be removed immediately once the installation process is complete. Below are some things that you can do to harden software.
Install the server software either on a dedicated host or on a dedicated guest OS if virtualization is being employed.
Apply any patches or upgrades to correct known vulnerabilities in the server software.
Create a dedicated physical disk or logical partition (separate from the OS and server application) for server data, if applicable.
Remove or disable all services installed by the server application but not required (e.g., gopher, FTP, HTTP, remote administration).
Install and Configure Additional Security Controls
This could be anything you install that adds extra layers of security. In most cases a default OS installation does not include many of the tools needed for system hardening. Below are some things you can do to add more layers of security to your system.
Anti-malware, anti-spyware and antivirus programs should be used on all servers and systems to help detect and quarantine potential threats.
A host-based IDS like Snort or an IPS should be implemented to keep an eye on possible network intrusions and attacks.
Host-based firewalls keep unauthorized users from intruding on the network.
Consider setting up a honeypot to trick attackers into thinking that they found something or successfully infiltrated you. Then tag them, trace them and log it.
Maintaining the Security of the Server
Be sure to maintain your server. Do not just install things and see how it goes. This will most likely land you out of a job and cost your company a lot of money. Keeping things up to date is one of the most important things in security, so keep things up to date. Below are some things to consider.
Read Logs: Keeping a close eye on logs could mean life and death when it comes to intrusion. Logs tell you who, where and when a system accessed your network. They can assist you in tracking use and can also be used in legal issues.
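As an added example (not part of the original essay), the script below pulls the who, where and when out of SSH login records and flags a successful login that follows repeated failures from the same source. The log lines are constructed samples in the common OpenSSH syslog format, and the threshold of 3 is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation IP ranges), not taken from a real system.
SAMPLE_LOG = """\
Mar  3 02:14:07 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.9 port 50122 ssh2
Mar  3 02:14:09 web01 sshd[2211]: Failed password for root from 203.0.113.9 port 50124 ssh2
Mar  3 02:14:12 web01 sshd[2211]: Failed password for root from 203.0.113.9 port 50130 ssh2
Mar  3 02:14:15 web01 sshd[2213]: Accepted password for root from 203.0.113.9 port 50141 ssh2
Mar  3 08:30:44 web01 sshd[3002]: Accepted publickey for alice from 198.51.100.20 port 41822 ssh2
Mar  3 09:01:10 web01 sshd[3050]: Failed password for alice from 198.51.100.20 port 41990 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<when>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<who>\S+) "
    r"from (?P<where>\S+) port \d+"
)

def parse_events(text):
    """Return (when, who, where, result) tuples for each recognised sshd line."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # unrecognised lines are skipped, not guessed at
            events.append((m["when"], m["who"], m["where"], m["result"]))
    return events

def suspicious_logins(events, threshold=3):
    """Flag a successful login preceded by >= threshold failures from the same source."""
    failures = defaultdict(int)
    alerts = []
    for when, who, where, result in events:
        if result == "Failed":
            failures[where] += 1
        else:
            if failures[where] >= threshold:
                alerts.append({"when": when, "who": who, "where": where,
                               "prior_failures": failures[where]})
            failures[where] = 0  # a success resets the counter for that source
    return alerts

if __name__ == "__main__":
    for alert in suspicious_logins(parse_events(SAMPLE_LOG)):
        print(alert)
```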
Server Data Backups
This should be a no-brainer. Backing up data is second to none in importance. The reason is straightforward: if you do not back up data, it will not be there later. There is also the legal issue of keeping data safe. Below are some things to keep in mind about keeping data backed up and safe.
Ensuring data is properly retained and protected
Ensuring data is properly destroyed or archived when no longer required
Preserving information for Freedom of Information Act (FOIA) requests, legal investigations, and other such requests.
Responsibilities of those involved in data retention, protection, and destruction activities.
If you take...