Learn what you can do to protect your server environment in your small business.

Servers are the workhorse of many small business' IT systems. A server is a computer that processes requests for data such as email, file transfers, web documents, and services from the client computers that are connected to it through a network. There are several different types of servers, including application servers, database servers, file servers, and web servers. Since servers host valuable information, they are often the targets of threats. Your business' email and file servers are vulnerable to viruses, worms, Trojan horses, and DoS (denial-of-service) attacks. Also, hackers can shut down or disable a server to prevent a business from running its operations. If your business is a victim of a server security breach, you could lose valuable time and money since your client machines are dependent on the servers for a variety of purposes, ranging from applications to email.

Recommendations

Here are some steps you can take to protect your servers:

  • Harden Operating Systems: Each server has an operating system and is therefore vulnerable to security breaches in operating systems. Since most out of the box operating systems are not configured for maximum security by default, it is important that you harden the operating systems you use on your servers. You should remove any unnecessary tools and utilities and update patches to your operating system as fixes to newly discovered security vulnerabilities are offered.
  • Encrypt and Authenticate: Depending on the needs of your business, you may have several different types of servers. It is a good idea to allocate each server for a specific purpose, since web servers and email servers will be accessed from outside of your business, thereby making them public servers. File or database servers may contain data that is confidential and can be allocated as private servers. In fact, you may also want to consider installing access controls, including encryption of all login sessions. Encryption at the server level also allows for a more secure form of IM (instant messaging). By using a corporate IM server with encryption, you can render messages unreadable by hackers or anyone who intercepts a message during transmission.
  • Restrict Access: Add another layer of security to your servers by allowing access only to select users who must log in with a username and password. By setting up authentication, you can monitor server access and restrict file access privileges to users you select. Monitoring logs regularly and maintaining log files can help detect unusual activity. You can also utilize vulnerability testing software to regularly scan your servers to determine if there has been any suspicious activity, and then take appropriate action to correct any problems.
  • Protect Data and Backup Servers: Since servers store a great deal of information, protecting the servers as well as the data on them is important. You should keep your server equipment in a secure location and only allow designated persons access. In addition, you should have a backup plan for your servers to protect your data. By backing up server data to a remote location, you will be protected in case there is any physical damage to your servers. Continuous data protection is a backup option that protects your servers on an ongoing basis, so that you can recover from any data losses faster.
  • Install Antivirus and Firewalls: Servers are vulnerable to the same viruses and threats as other machines since they are connected to a network and can be accessed by other computing devices. You should install antivirus software on each server to protect against viruses, worms, Trojan horses, and other malicious code. In addition, regularly updating antivirus software will help keep your servers protected. Firewalls limit network access and are an important security mechanism to have in place on your servers. By installing a combination of software and hardware firewalls to your server and network, you can help protect your private data from intruders.

Conclusion

Servers play an important role in most small business' daily operations, and they store important and often confidential data. Because most business' operations rely on servers for a variety of resources including files, email, and applications, it is important to keep servers up and running and secure at all times. By taking precautionary methods now to protect your server, you can protect your business by creating a more secure computing environment.

 

Reprinted with permission from SymantecTM  Corporation. Copyright 2007. All rights reserved.

he information contained in this document, including all instructions, cautions, and regulatory approvals and certifications, is provided by Symantec Corporation and has not been independently verified or tested by Dell. All questions or comments relating to such statements or claims should be directed to Symantec.