Keeping your server safe and secure is extremely important in order to preserve the integrity of the data or applications that are running on the system. In addition having a fully secured environment will ensure that the server is always fully functioning and online.
Aside from hardware failure the most common type of issue that a server can face is a security breach of some description. This security breech could come in the form of a virus, denial of service attack or simply an intrusion by a malicious third party.
Any of these scenarios could be potentially disastrous and could lead to loss or corruption of data as well as system downtime whilst the damages are repaired and the server secured.
Having a solid security plan in place can help to minimise the risk of these scenarios from occurring.
Keeping your server virus free
Keeping your server virus free is relatively easy as long as you are following bets practices when it comes to security. Having an antivirus program installed on your server is the most obvious step and will go a long way towards protecting your system. Any business class antivirus program will protect your server but having a security application that is designed specifically for your system is the best option. For example if you are running a file server there are specific antivirus modules that will be best suited to the environment. If you are running a Microsoft Exchange server then there will be different antivirus modules that suit that environment.
In addition to having an antivirus program installed it is also important to have strict security measures in place for both administrators and users. Administrators should avoid granting themselves full system access unless explicitly needed. The alternative is to have several administrative accounts with different permission levels depending on the required access levels. Users should have restricted access as much as possible. In addition password policies and account lockout policies should be set in such a way that the system is as secure as possible. Having these measures in place minimises the likelihood of a virus or Trojan getting in to the system.
Keeping your system safe from hackers
There are many malicious people and organisations out there that will try to hack in to any servers that they come across. Just because you are a small company it doesn’t mean you are safe either; some hackers use tools that “sniff” around on the internet looking for weak systems and then attempt to hack in to them autonomously. Keeping your server fully up to date helps to prevent hackers from gaining access or even from seeing your server as a potential target in the first place. Updates are often released to patch the exact security weak spots that the hackers are looking for.
Preventing DDOS attacks
DDOS attacks or distributed denial of service attacks involve sending huge amounts of network traffic and other service requests to your system making it unable to respond to legitimate requests. Sometimes these attacks are purely malicious and designed to ruin your system. In some cases these attacks are simply a means of weakening your system and distracting your network team so that other attacks can take place such as attempts to steal data.
There are plenty of hardware firewalls on the market today that will prevent or at least detect and mitigate DDOS attacks. There are some expensive options but there are also some cost effective options. If you rent your servers and installing a hardware firewall is not an option then there are other online service providers that will help to mitigate or prevent DDOS attacks. Cloudflare is one such provider that offers a DDOS prevention service at a very affordable price, but I keep seeing many sites who use them like Klout that have issues and you see the Cloudflare 404 page come up. If I have a website where I’m paying for a service, the last thing I want is to have that service get free advertising off my back when they have issues. I only mentioned Cloudflare since it’s popular, but I’ve only had issues when using it. My recommendation to keep yourself fully protected is Incapsula which is a much more superior service that provides so much more, plus you won’t get their name popping up all over your site.