How to Perform Initial Security Audit for Your Servers

The protection of information is a priority issue for any business operating on the Internet. Virus infections and external attacks, as well as unauthorized access to information – all this entails major financial and reputational risks. Therefore, choosing a server platform, it is always useful to know the security level.

In order to check whether the security system works well, if there are vulnerabilities in it, at least once a month it is recommended to audit server security.

Also read: How Enterprises can Secure Mixed Cloud Environment

What does the server audit include?
A threat to security may even be an insignificant, at first glance, factor,

such as incorrect server settings or legacy software. The audit helps to identify weaknesses in the protection and take timely measures to eliminate them before the infection or data theft occurs.

The server administrator checks the installed software, its compliance with the latest updates, evaluates the server’s security settings and fixes errors, if any, and also analyzes the compliance of the employee access rights settings with those or other resources. Below you will find an ultimate checklist to conduct the complete check.

Also read: 2018 Key trends, from AWS and Azure to AI

Physical access: In the case of a dedicated server, physical access to the server of third parties is limited by default, it is usually provided by the data center. Nevertheless, it’s possible to set an additional password for accessing the BIOS.

Firewall: For continuous monitoring of software and ports, the Windows Firewall must be properly configured and enabled. For Linux, you can use the SELinux system to control access. Also it is possible to rent a hardware firewall Cisco ASA or Fortinet FortiGate 60D.

File system: It is recommended to use different partitions for system and user files. For Windows – make NTFS formatting partitions. As per Linux users, set the boot partition to read-only. 

Check for updates: Configure the server to automatically receive and install updates. It’s quite important for the safety of the server.

Password policy: Make and apply an appropriate security policy. Make mandatory requirement of complex passwords, their validity, and also implement the option of  account lockout after several unsuccessful authorizations or entering an empty password.

In Linux, we recommend to authorize root by key. Moreover, it is desirable to change the connection ports.

Control of loggers: Include logging for critical infrastructure segments and check them regularly. Note it’s crucial to run the check-ups on daily basis.

Network safety: It is recommended to use VPN and VLAN for segmentation of nodes and channel security. Also, you should change the default settings and redirect the ports of the network equipment services. You can use the IPsec service to encrypt traffic. And to view open ports – the utility Netstat.

Access control: Differentiate the access rights of users to critical files, disable guest access and users with an empty password. Disable unused roles and applications on the server.

Backup: Take advantage of the file backup service, it’s profitable and reliable. Do not keep the backups unencrypted. If you rent a server from us, then you can choose a place for backups.

Access to the database: Critical databases should be stored on different SQL servers. You must configure the start-up on behalf of the user with minimal privileges or from the preconfigured white list of IP addresses.

Antivirus protection: For the server to work on Windows, the installation of antivirus software updated is highly recommended, especially when users work with NAS. For Linux users, the installation if antivirus software is not required under the circumstances that the server is regularly monitored and there is a protection from unauthorized access.

Also read: Cloud computing will drive $554B in revenue by 2021

Always keep in mind the safety of the data is in your hands. Your dedicated resources should conduct an audit once a month. This will help verify the correctness of the server, eliminate vulnerabilities and monitor the security of network infrastructure. If you have any questions, we are just a click away.