By Greg Keller Posted January 23, 2015
Servers located directly on the Internet run one of the highest risks of being compromised. It’s just too easy for hackers to find an open “door” or “window” into those servers, and then tap into confidential data, systems, and information. Companies can’t afford to put their private information at risk, but an increasing move to cloud-based business solutions inherently ups the risk associated with data.
The good news is, if your organization leverages cloud infrastructure there are ways to mitigate the risk.
It takes vigilance—and constant upkeep—but cloud-based data on Internet-based servers can be just as safe and protected as on-premise servers.
In this post, we highlight three steps you can take to significantly protect your infrastructure from being compromised, and ensure that you are properly securing your servers.
Step 1 – Shut Down Access
As IT admins install software packages and applications on servers, ports are invariably opened and services enabled. Each one makes a security breach easier for a hacker.
Essentially, the more ports you open and services you enable, the more surface area is available to hackers.
Depending upon your architecture, see if you can keep ports open only “behind” the firewall in a VPC environment. This helps ensure that the fewest possible ports are open to the public-facing Internet, while you’re still able to accomplish your job. You can also specify which servers, or services, communicate with your AWS machines if you happen to use them (or with your IaaS provider of choice).
Step 2 – Patch Your Servers
If you have ports or services that are open publicly, it is imperative that they are patched to ensure that you are securing your servers.
A patch is an update of software or code designed to fix or solve problems in your computing framework.
IT admins should apply patches to their servers as often as new data or systems allow, in order to keep server risk as low as attainable. To patch effectively, there are four main steps you can take:
- Stay informed about the most crucial updates to cloud computing (Microsoft releases updates monthly)
- Automate your patch process
- Test your patches thoroughly and frequently to stay at the highest patch level, and to anticipate any errors in your system that hackers could take advantage of
- Verify that all your patches are functioning as designed (this last step could include periodic scans with Microsoft Baseline Security Analyzer, or another vulnerability assessment tool, to make sure all servers are patched and up to date, and/or spot checking individual machines for proper patches)
Step 3 – Tightly Control User Access
Finally, consider tightly controlling user access to all of your servers. Ideally, IT admins have complete control in administering access privileges, both individual and group, so that employees have the access they need to do their jobs, and nothing more. This tight control limits the amount of access a hacker would have if one user’s identity was compromised. Limited access acts as an obstacle a hacker has to work around to get to his goal – your data.
The more granular an IT admin’s user control, the better the overall security for the organization.
To do this, define standards for access permissions, authentication, and authorization for your IT admins to implement. Double check that permissions are accurate by checking individual devices and ensuring their permissions are correct. Additionally, implement IT technologies that automatically sync changes in user accounts. The technology you need should work seamlessly with Windows, Macs, Linux, and other devices, so that a terminated user cannot keep ad hoc access to accounts through a device that falls outside the norm.
Securing Your Servers
Please note that this is a quick-hit list. These are the minimum things that you should be doing. There are any number of additional tools, technologies, and processes that you could use to help protect your cloud server infrastructure. We’ll plan to discuss many of those in a separate post. In the meantime, please go check your IaaS infrastructure. Are all of your ports shut down? All servers patched? Are you sure you have control over everybody accessing your servers?
IaaS is incredibly powerful. Take the steps that you need to take to protect yourself and your organization from being the next victim. If you have any further questions about securing your servers and infrastructure, drop us a line or give us a call. Our team would be happy to spend time talking to you about the best ways to lock down your IaaS infrastructure.