
Securing Your Web Server
In March 2014, South Korean telecom major KT Corp suffered a major cyber-attack in which, reportedly, the personal information of 12 million customers was put at risk.
Around the same time, the North Dakota University System alerted over 290,000 students and alumni as well as some faculty members that their personal details including social security numbers might have been compromised following an attack on one of their servers.
These and other serious server breaches in the very recent past have revealed major weaknesses in server-level security. Threats currently appear to be running ahead of security measures.
Web servers are prime targets because they often store confidential and therefore prized information. Securing your organization’s website, web applications and the network doesn’t constitute total protection. It’s essential to secure your web server as well.
Recently, open-source Apache and Nginx servers, both among the most widely used web servers, have had potentially critical security flaws eliminated. Though vendors are attempting to fix vulnerabilities as soon as these come to light, web servers are far from impregnable. In the circumstances, businesses and institutions need to take solid measures to protect customers’ data.
Implementing robust data encryption technology and controlling access to servers, and thereby to sensitive data, at multiple levels are both crucial.
The following security measures might help administrators bolster server security:
It’s vitally important that customers’ data as well as other sensitive information should be stored in databases that are secured with advanced encryption protocols. It’s prudent to have multi-level passwords to access personal and other classified information as well as to change passwords periodically.
Administrators need to ensure that operating systems and software are regularly updated because hackers have been known to exploit unpatched software. Security patches need to be installed as soon as they’re issued.
Unnecessary applications that turn on by default every time the server boots should be disabled because leaving more ports open means giving hackers more access points to infiltrate your database.
Installing and running credible and updated anti-malware software on servers and workstations is imperative. The firewall should be enabled at all times.
Web server logs need to be monitored regularly and any unusual activity should be looked into. The logs contain records of attacks and attempted ones.
Users with malicious intent can execute files if they have unlimited access to network services. Therefore, permissions and privileges to use network services need to be limited to the minimum so as to allow only restricted access. Also, user accounts that are not in use should be disabled to prevent misuse.
Employees who have access to sensitive data need to be monitored regularly and levels of access should be clearly defined. Insider attacks have happened in the past.
Web server software normally comes with security tools, which should not be ignored. Using these can help enhance server security. It’s also advisable to scan servers and web applications periodically for vulnerabilities.
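As an illustration of the log-monitoring measure above, the following added example (not part of the original article) reviews access log lines and flags clients that generate repeated error responses. It assumes the Apache/Nginx "combined" log format; the function name review, the threshold of 3 and the sample lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Apache/Nginx "combined" access log format; adjust if a custom format is configured.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+'
)

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2014:10:00:02 +0000] "POST /login HTTP/1.1" 401 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2014:10:00:03 +0000] "POST /login HTTP/1.1" 401 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2014:10:00:04 +0000] "POST /login HTTP/1.1" 401 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2014:10:00:05 +0000] "GET /admin/ HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/Mar/2014:10:00:06 +0000] "GET /missing.png HTTP/1.1" 404 162 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [12/Mar/2014:10:00:09 +0000] "-" 400 0 "-" "-"',
    'corrupted line without the expected fields',
]


def review(lines, threshold=3):
    """Return (flagged, unparsed): clients with at least `threshold` 4xx/5xx
    responses, broken down by status code, and the count of unparsable lines."""
    errors = defaultdict(Counter)
    unparsed = 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            unparsed += 1  # malformed entries are themselves worth a look
            continue
        status = int(m["status"])
        if status >= 400:
            errors[m["ip"]][status] += 1
    flagged = {
        ip: dict(counts)
        for ip, counts in errors.items()
        if sum(counts.values()) >= threshold
    }
    return flagged, unparsed


if __name__ == "__main__":
    flagged, unparsed = review(SAMPLE_LOG)
    for ip, statuses in sorted(flagged.items()):
        print(ip, statuses)
    print("unparsed lines:", unparsed)
```

The threshold should be tuned to the site's normal traffic; a single 404 is routine, while a run of 401 and 403 responses from one client is the kind of unusual activity to look into.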
A security risk is a business risk. Given that the methodology of cyber-attacks is evolving rapidly, companies and institutions need to keep themselves informed about the latest in infiltration methods and implement comprehensive and advanced security protocols to protect their systems and customers’ data.