Story image

How to secure your server

01 Oct 2010

1.      Enable
automatic notification of patch availability and install latest service patches
and hot fixes from Microsoft.

This would require checking
with your POS vendor if this would be an acceptable practice.

2.      Scan
for vulnerabilities no less than on a monthly basis.

This can be achieved through
installing scanning applications like Nexpose from Rapid7 (http://rapid7.com) or through outsourcing to a
specialist scanning vendor like Qualys (http://www.qualys.com).

3.      Services,
applications and user accounts that are not being utilised should be disabled
or uninstalled.

Numerous tools to analyse and
tweak running applications and services exist.

4.      Use
the Internet Connection Firewall or other methods (via software or hardware) to
limit connections to the server.

5.     
Configure event log settings (common methods for
Server 2003 & 2008 are available on the web).

Special
attention should be given to the security log. 100mb is a suggested minimum,
but high-volume services may require additional storage. Ensure at least 14
days of security logs are available to be able to determine the course of
events in the case of an incident.

6.    Configure user
rights to be as secure as possible.

Every
attempt should be made to remove Guest, Everyone, and ANONYMOUS LOGON from the
user rights lists.

7.    Use full disk
encryption to ensure that information resident on stolen/retired servers
remains confidential.

Options
such as PGP (http://www.pgp.com) and TrueCrypt (http://www.truecrypt.org) are popular options.

8.    If the machine is
not physically secured against unauthorised tampering, set a BIOS/firmware
password to prevent alterations in system start-up settings.

9.    Configure a
screen-saver to lock the screen automatically if the server is left unattended.

10.  Disable Remote
Desktop connection (RDP) capabilities if you do not intend on maintaining your
server with this method.

* For more advice about office computer security, see the November issue of Start-Up, on sale now, or click on Subscribe Now link (top right).

How big data can revolutionise NZ’s hospitals
Miya Precision is being used across 17 wards and the emergency department at Palmerston North Hospital.
Time's up, tax dodgers: Multinational tech firms may soon pay their dues
Multinational tech and digital services firms may no longer have a free tax pass to operate in New Zealand. 
Spark’s new IoT network reaches 98% of New Zealand
Spark is the first company to confirm the nationwide completion of a Cat-M1 network in New Zealand.
WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Robots to the fore – Key insights for New Zealand Business into RPA in 2019
From making artificial intelligence a business reality to closer ties to human colleagues, robotic process automation is gearing up for a strong 2019.
50 million tonnes of e-waste: IT faces sustainability challenges
“Through This is IT, we want to help people better understand the problem of today’s linear “take, make, dispose” thinking around IT products and its effects like e-waste, pollution and climate change."
Vocus & Vodafone unbundle NZ's fibre network
“Unbundling fibre will provide retail service providers with a flexible future-proofed platform regardless of what tomorrow brings."
IDC: A/NZ second highest APAC IoT spenders per capita
New IDC forecast expects the Internet of Things spending in Asia/Pacific excluding Japan to reach US$381.8 Billion by 2022.