Server Security: Are You Doing Enough?

Anti-virus software? Check. Firewall? Check. Complicated password, complete with letters, numbers and symbols? Check.

You might think that incorporating those common security protocols is guaranteed protection for your company’s servers, and to a certain extent, you are right. Up-to-date anti-virus protection, firewalls and intricate passwords can protect your company’s servers from some unauthorized access and harmful software. The average person or unsophisticated hacker will be thwarted by common protocols, and older or known viruses, malware, spyware and phishing programs are blocked by antivirus programs.

Criminals are becoming more sophisticated, though, and the old methods of protecting your server are not adequate to keep your sensitive systems and data safe. Most servers are attacked by potentially harmful programs or would-be hackers dozens of times each day; it’s important for security managers to recognize the threats and take the proper steps to protect servers from security breaches.

If you are wondering if you are doing enough to keep your networks and data safe, consider this checklist of the most effective precautions.

Install Security Software

Security software is more than just antivirus protection. According to organizations such as Trend Micro, your server security should involve methods of encryption, especially if the network is accessed virtually or remotely. If the server contains particularly sensitive information, such as that governed by federal privacy regulations or financial data, consider installing a host-based or network firewall that only allows access from designated IP addresses.

Enact Strict Login Policies

By now, most of us have seen the news reports regarding passwords and know what constitutes a strong password. Even with these warnings, though, some people still continue to use common or easy-to-guess passwords in multiple locations – and never change them. This is just one way that login protocols can put your servers at risk, so you need to create a comprehensive policy regarding how and where employees and customers can access the system. For example, give every user his or her own access credentials and avoid sharing login information among several individuals or customers. Develop a comprehensive password management program as well, one that requires regular password changes and a certain level of password strength.

Use Authentication Methods Other than Passwords

While requiring passwords for access to sensitive areas of the network provides a layer of protection, additional methods of authentication are also important. Even the most complex passwords can be cracked thanks to malware or keylogging software, so for maximum security, consider implementing a key-based authentication system. The most secure keys require the use of an external device; more simple systems use images, phrases or other means to provide authentication and prevent unauthorized access.

Routinely Maintain and Update Computers

You see the notification that your computer needs to be updated flashing in the corner of your screen – and ignore it, or postpone it multiple times. While that might keep you from experiencing a few moments of downtime, you’re actually putting your computer and the network itself at risk by failing to install timely updates. When your operating system releases these updates, they often include security updates or patches that reduce vulnerabilities. Pay attention to them and keep your system safe and secure.

Physically Secure Your Server

While most of the dangers to your server come via the computers connected to the network, failing to physically secure it also presents dangers. Keep the server in a controlled-access location and keep a log of those who access the room. Use keyboard locking or password protected screen savers on the main computer connected to the server, and habitually update the access credentials needed for the server. Restricting physical access to the server prevents individuals from compromising its security, deliberately or unintentionally.

Securing your server is one of the most important steps you can take to ensure that your company’s data, network and individual devices stay secure and free of harmful software. When something attacks your server, it’s not long before it spreads throughout the company – and a security breach can lead to wasted time and money, as well as a public relations nightmare. Taking these important steps to secure your server, though, will keep your data safe – and your employees productive.