Importance of Securing Servers
Blake Sallee
SEC280: Principles of Information-Systems Security
Professor Pratibha Menon
11/06/2014
DeVry University
Importance of Securing Servers
The purpose of this paper is to discuss the importance of securing Windows and Unix/Linux servers. It will go over the potential threats that Windows and Unix/Linux servers are subjected to. The paper will also discuss the potential security measures that can be implemented in order to better protect the servers from harm.
Server Threats
According to Ferrill (2014), there are two major threats to a company’s Windows or Unix/Linux server. The threats are disgruntled employees and corrupted admin accounts. These threats can be detrimental to the company
The second risk to the company’s servers is a corrupted administrative account. This is the equivalent of leaving your front door open with a big neon sign that says, “We are not home.” This is a way for hackers to make their way into the servers and do as much damage as the disgruntled employee, if not more.
Protecting Windows Servers
There are two ways of protecting Windows-based servers from these attacks. These methods are fairly simple to set up and will help keep confidential information confidential. These security measures are called Desired State Configuration (DSC) and Just Enough Admin (JEA).
Two Types of Security Measures
Measure 1. The first security measure is known as Desired State Configuration (DSC). DSC was shipped with the Windows 2012 servers. DSC allows the server administrator to set the roles and features that are required for each individual server. This can be broken down to each administrator's server if necessary as well. DSC also does regular checkups on the servers to make sure there is no suspicious activities going
These are three simple ways to ensure that the server is secure and everyone has access to what they need.
Three Types of Security Measures
Measure 1. The first security measure is to write firewall rules into the Unix/Linux server. The server administrator can write the firewall rules using the firewall that comes with it, called Uncomplicated Firewall. This will set parameters for everyone in the company so they can access what they need without having access to what they don’t need to see. This can be done by setting rules on ports, IP addresses, or services.
Measure 2. The second security measure is monitoring the servers. This can be done by setting up tripwires. Tripwires know the normal baseline of server activity and will send an alert if anything unusual happens on the server. There is also Logwatch, which monitors the system's logs and will send an email to the server administrator if an anomaly is detected in the
In order to do system hardening on any type of software computer, you would have to look at the type of location that your network is going to be installed in. After you find or survey the location, you would definitely get a location where you would like to place your hardware to install your firewall systems. Once you get the physical aspect of your file systems installed, you would then have to look at setting up the software passwords on most computers or on your security system on the network. You would not stop there, because you would have to keep access controls established on the location to make sure that physical security of the location does not hinder anyone from trying to get into the location that has authorized
All data that is transmitted over a network is open to being monitored. One way to create a more secure environment would be to restrict file permissions. It is usually recommended that file permissions are set so that only necessary access is granted. Another way to create a more secure environment would be to use secure passwords to verify the user’s identity. Password security is very important when it comes to protecting not only the network, but the user and workstation.
If your business is mainly served to your customers through a web interface, it is incredibly important to respond to web server outages, as every second costs the company more and more money. With a monitoring solution implemented and efficiently monitoring your web servers, and notifications properly configured, a system administrator can respond to outages in a timely manner, and save the enterprise precious capital. In the context of my lab, the pfSense gateway, the Wiki server, and Nagios all utilize web interfaces that can be monitored, and are being monitored by Nagios. Another important service to monitor in an enterprise environment is SSH (TCP port 22). In most instances, a system administrator will be accessing and configuring devices on the network via SSH, and in some cases, if SSH is not accessible the administrator can be completely locked out of a server or network device.
One of the biggest issues is that all services use HTTP rather than HTTPS. HTTP is used to access the firewall, Opsview monitoring, and the documentation wiki. All three of these should have their traffic encrypted, especially the firewall, because if that is compromised then an attacker has much more direct access to all other systems that are behind it. It would also be recommended to use an authentication database such as Active Directory to authenticate and authorize all users for these systems. This would make it much harder to compromise accounts if the local account is not being used.
Because Linux is only as secure as it is configured to be, the user must take many precautions to ensure that the server stays secure. Having very little or no security at all can pose a great problem for the system, network, and server, not to mention the company involved. If the server is not secure, the company can be in big trouble as private information can be leaked. Important data that should only be seen by certain employees can possibly be seen by all employees. This could cause a huge problem.
A “page” will be a single Control, Risk, Audit Test, etc. 4. Is there a separate security level available for a system administrator? Yes. As described above in Technical Capabilities #2, Site Administrator is the policyIQ role assigned for this purpose.
Such mistakes or scenarios can be stopped with proper training and education on significant threats and vulnerabilities. End users usually do not follow best practices and security guidelines. Not much attention is paid to spam emails, malware, viruses and even phishing emails. Users need to be educated on the significance of protecting their data on vulnerable networks and administrators need to secure the networks with proper tools, training and
Do we have a backup power system for our offices? Protection of customer personal information (in addition to security measures stated elsewhere in this audit checklist) 54. Do we only give access to personal information to a person who is verified to be able to receive that information? 55.
Group Policy Objects (GPOs): Security settings on workstations and for users should be uniformly applied across all company devices, and should not be modifiable by users. Microsoft Active Directory allows an administrator to set numerous configurations and settings that can be applied on all workstations and user accounts. If it is configurable in Windows, it can be managed by a Group Policy Object (GPO). Any company policy that requires a specific setting should be enforced by creating a GPO that forces user and workstation compliance. For example, if the Password Policy requires users to choose a password of a specific length and complexity, a GPO can be set that enforces that requirement
They also handle all aspects of information security. This includes teaching others about computer security, inspecting for security violations,
Introduction “VA’s mission is to promote the health, welfare, and dignity of all veterans in recognition of their service to the nation by ensuring that they receive medical care, benefits, social support, and memorials.” (Information Security: Veterans Affairs Needs to Resolve Long-Standing Weaknesses, 2010, p.1) The VA information system security program (ISSP) aims to protect the confidentiality, integrity and availability (CIA) of the VA’s information systems and business process. This program provides information of plans, policies and procedures to protect the VA’s system user’s privacy data. Also according to the Department of Veterans Affairs: Information Security Program (2007) this program provides a detailed list of the security
While there are fewer viruses targeted at Linux, they do exist. Linux may be a more difficult target for black-hat hackers, but it is still a target. For this reason a software management plan is of the utmost importance. My recommendation would be to secure our systems with AVG Antivirus Option. AVG is typically focused on the Microsoft antivirus market, but the group does make anti-malware tools for Linux.
1. Policies governing the network insecurities, which include Email and communications policy, Remote Access Policy, BYOD Policy and Encryption policy
2. User accounts management through training and assigning of user roles depending on their access levels to information in the organization.
3. Setting up workstations and assigning every user a workstation.
3. Dumpster divers Dumpster diver will dig for the information that has all of the information about payroll, position and title that puts business at risk Destroy or shred all of the information that is not needed to avoid the information to be misused by the attacker. Application and Network Attacks 4. Letting the Ex-employee log in to the system even after he leaves the company It will destroy and
The Information Security Manager reports in their capacity to the CEO. Company officers, executives, directors, employees, contractors and third party service providers cooperate and work with the Information Security Manager to ensure the protection of customer’s non-public information and Licensee’s Information Assets. Policies, such as Enterprise Antivirus Program, Network Access, Software Development Security Standards, Physical Security, Vendor Management Antivirus, Mobile Computing/Remote Access, Information Security Risk Assessment, Social Media, Data Loss Prevention, and Security Incident Response Policies have been implemented to protect customer’s non-public personal information and company Information