A secure server is a Web server that guarantees secure online transactions. Secure servers use the Secure Sockets Layer (SSL) protocol for data encryption and decryption to protect data from unauthorized interception. Secure servers are used by online retailers and any organization with a Web presence.
Web server security is important for any organization that has a physical or virtual Web server connected to the Internet. It requires a layered defense and is especially important for organizations with customer-facing websites. Server security comes down to the confidentiality, integrity and availability of appropriate information, and to authentication. A leaky server can cause serious harm to an organization. So security is the most complex topic that the modern world is concerned about. A security breach incurs a cost for the organization in terms of money as well as goodwill. Databases store confidential and sensitive information. Hence, the most important task of an organization is to protect crucial information from being stolen and misused.
Common server security issues faced:
- Weak Passwords
- Open Network Ports
- Old Software Version
- Poor Physical Security
- Insecure CGIs
- Stale and Unnecessary Accounts
Servers provide an array of internal and external user services in organizations, which are constantly vulnerable to security threats, due to data sensitivity.
Secure servers help organizations and businesses conduct secure and private network transactions. Until recently, e-commerce opportunities were frequently lost because of online user security concerns.
As a part of the School of Medicine Security Initiative, we need accurate information about all devices that store Stanford data. That includes both "endpoint" devices (laptops, desktops, mobile devices) and now, servers.
There's now a project to inventory the servers on campus: SUSI (Stanford University System Inventory). It's important to complete the inventory step as part of the process of securing a server. If you are the listed user or administrator for a server, you must create a new record for it in SUSI. All servers on campus must adhere to School of Medicine minimum security standards, whether hosted by IRT or otherwise. If you are running a server that is not physically located in the data center, you will need to make sure that you're following Stanford policy about keeping the data properly secured. You may also choose to have a server moved to the data center and hosted or managed by IRT. Wherever it's physically located, you want to make sure that it's correctly configured for good security.
A first priority in planning and managing a server is determining what kind of Stanford data it's going to be storing: High Risk, Moderate Risk, or Low Risk. It also has examples of servers and applications that may be classified High, Moderate, or Low Risk, based on the kinds of information they deal with. The University IT Minimum Security Standards explain compliance for Endpoints, Servers and Applications depending on risk categorization. The standards for any device which may access or store High Risk data are more rigorous than those for devices that do not.
- Update your OS regularly, as in within hours of critical updates.
- Update your control panel regularly.
- Reduce information disclosure, e.g. changing ServerTokens in Apache.
- Don’t install software that is not used.
- Don’t store the backups or old versions of software on the production system.
- Restrict access to directories with proper permissions.
- Make sure logs are working properly.
- Make sure you log all admin level access with date, times and usernames.
- Make sure you use a firewall.
- Remove default accounts in MySQL.
- Disable direct root login in SSH.
- Replace passwords with SSH keys.
- Disable unused services.
- Maintain backups.
- Test backups.
- Do not do development on production systems.
- Stay updated with subscription to security notification services.
- Monitor web traffic for unusual activity.
- Conduct regular, remote security scans.
- Conduct regular, local security scans.
- Harden default service settings in Apache, SSH and other services.
- Use root account only when required.
- Use sudo to grant others root-level access.
- Enable SELinux if possible.
- Use private networks for internal server traffic.
- Use encryption when appropriate.
- Conduct password audits.
- Enforce strong passwords and password change policies.
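Three items in the checklist above (direct root login in SSH, passwords versus SSH keys, and ServerTokens in Apache) can be checked mechanically from the configuration files. The following is an added example, not part of the original page: the function names and the sample configurations are constructed for illustration, and the stated defaults assume a current OpenSSH and Apache 2.4.

```python
import re

# (sshd keyword, value the checklist item requires, assumed OpenSSH default when unset)
SSHD_RULES = [
    ("permitrootlogin", "no", "prohibit-password"),   # disable direct root login
    ("passwordauthentication", "no", "yes"),          # keys instead of passwords
]

def effective_sshd(text):
    """Global sshd_config settings; sshd keeps the FIRST value seen per keyword."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break  # per-user/host Match blocks are not evaluated in this example
        if len(parts) == 2:
            seen.setdefault(parts[0].lower(), parts[1].strip().lower())
    return seen

def effective_server_tokens(text):
    """Apache ServerTokens; defaults to Full, and a later directive replaces an earlier one."""
    value = "full"
    for line in text.splitlines():
        m = re.match(r"\s*ServerTokens\s+(\S+)", line, re.IGNORECASE)
        if m:
            value = m.group(1).lower()
    return value

def audit(sshd_text, apache_text):
    """Return (setting, effective value, wanted value) for each failed check."""
    findings = []
    sshd = effective_sshd(sshd_text)
    for key, wanted, default in SSHD_RULES:
        got = sshd.get(key, default)
        if got != wanted:
            findings.append((key, got, wanted))
    tokens = effective_server_tokens(apache_text)
    if tokens not in ("prod", "productonly"):
        findings.append(("servertokens", tokens, "prod"))
    return findings

# Constructed sample configs (not taken from any real host).
SAMPLE_SSHD = "Port 22\nPermitRootLogin yes\nPasswordAuthentication no\nPermitRootLogin no\n"
SAMPLE_APACHE = "# ServerTokens Prod\nServerTokens OS\n"

if __name__ == "__main__":
    for setting, got, wanted in audit(SAMPLE_SSHD, SAMPLE_APACHE):
        print(f"FAIL {setting}: effective={got} wanted={wanted}")
```

In the sample, the second `PermitRootLogin no` line has no effect because sshd uses the first occurrence, so root login stays enabled and the audit reports it.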