Server security. That’s usually the first thing on the minds of those in the IT world. To keep up with changing technologies, we are constantly changing and improving our security standards, so that we can remain one step ahead of malicious attackers in defending our confidential information.
Royce Howard, of Global Knowledge, offers some tips about the 10 most dangerous risks to your server. These tips are important to remember when developing and securing your IT infrastructure.
Physical Attacks. Make sure no one has physical access to your server. Server rooms should be kept secure, and sensitive data should be encrypted.
Password Policies. Create complex passwords and change passwords every 90 days.
Privileged Accounts and Social Engineering. Vulnerabilities can be mitigated by removing administrator rights.
Email Attacks. Beware of phishing emails. Never open an email from an untrusted source and avoid clicking on links in emails.
Worms. Worms are self-replicating programs that copy themselves from machine to machine, using up computer processing time and bandwidth.
Increasingly Malicious Malware. Scheduling regular scans can help detect and prevent against malicious malware and spyware.
Unauthorized Network Access. Network Access Control and Network Access Protection can help control network access of a computer host while using a set of protocols to define and implement a security policy.
Not Updating Patches. Automatic updating of patches can help avoid threats.
3rd-Party Applications. Check security platforms of 3rd-party vendors and applications from independent developers and manage exploits.
The Human Factor. People are the weakest link in security initiatives. Develop strong policies and procedures so that people are prepared.
At KirkpatrickPrice, we have years of experience in information assurance by performing assessments, audits, and tests that strengthen information security controls. Contact us at [email protected] for more information on how we can help you in your compliance efforts.
Sarah Morris is a technical writer for KirkpatrickPrice, a provider of world-class audit services. Visit www.kirkpatrickprice.com.