INFORMATION TECHNOLOGY

Server Security

www.senati.edu.pe
 Objective:

❑ Identify the main issues related to Server Security.

www.senati.edu.pe
 What is server security?
Server security covers the processes and tools
used to protect the valuable data and assets
held on an organization’s servers, as well as to
protect the server’s resources.

Due to the sensitive information

they hold, servers are frequently
targeted by cybercriminals looking
to exploit weaknesses in server
security for financial gain.

www.senati.edu.pe
 Servers sit at the heart of an organization’s IT infrastructure and allow large
numbers of users to access the same information or functionality, often remotely.
Generally, they are used to run email systems, power the internet, and host files.

The problem, though, is that

something as simple as a weak
password, missing antivirus software,
or user error could expose the
business to substantial loss.

To be most effective, security for servers should be arranged in

layers. For maximum protection, it is necessary to address
potential issues in one’s network, the server’s operating system,
and any applications or software hosted on one’s server.

www.senati.edu.pe
 Common server security issues
Here’s a list of common mistakes that cause server security issues and make
sure that you and your employees are not making any of them:

Passwords

❑ Weak passwords can be easily hacked and

poor security controls can lead to passwords
being stolen and sold on the dark web.
Consider using a password manager if you’re
concerned about the integrity of your
passwords.

www.senati.edu.pe
 Old software/operating systems

❑ Cybercriminals are constantly identifying and

exploiting weaknesses in software, which means
that running an outdated version significantly
increases your risk of exposure.

Patch management

❑ By using a patch management service, you

can ensure any changes in code are
acquired, tested, and installed.

www.senati.edu.pe
 Open network ports

❑ Misconfigured servers can be easily

exploited.

Old and unnecessary accounts

❑ Unused accounts offer hackers an additional

way in.

www.senati.edu.pe
 Poor physical security

❑ Not all threats are virtual. Poorly secured keys

can be just as dangerous.

www.senati.edu.pe
 Server security hardening

To ensure maximum protection of your server, you should complete the

process of server security hardening. In simple terms, that means applying a
combination of basic and advanced security measures to address
vulnerabilities in your server software and operating system to boost overall
server security.

Common ways to achieve server hardening include:

✓Using strong passwords.

✓Ensuring that communications are data encrypted.
✓Completing regular system backups.
www.senati.edu.pe
 ✓Keeping operating systems up to date and applying security patches as they
are released.

✓Removing unnecessary third-party software.

✓Installing firewalls and antivirus software.
✓Conducting regular penetration tests.

www.senati.edu.pe
 How to secure your server

Looking for guidance on how to secure a server can pull up an overwhelming

array of technical information. Here’s a list of the main web-server security
best practices that you should follow for effective protection.

❖ Use a secure connection

Passwords are vulnerable to brute-force attacks in which cybercriminals use advanced

algorithms to test vast combinations of letters and numbers in an attempt to crack passwords.

A more secure alternative to password-based authentication is using SSH (Secure Shell) to

establish a secure connection with your server. SSH keys consist of a pair of cryptographically
secure keys containing a public and a private key.

www.senati.edu.pe
 ❖ Connect via a private network or VPN

Another recommended security practice is to use a private network or virtual private network
(VPN) to ensure secure data communications.

A private network is restricted to certain users or servers through the use of a private IP
address.

www.senati.edu.pe
 ❖ Employ SSL/TLS

Server security certificates are another effective safeguard. Server security certificates are
cryptographic protocols - SSL (Secure Sockets Layer) and its successor TLS (Transport Layer
Security) - that are used for authentication and encryption.

In simple terms, they safeguard network

communications by scrambling sensitive data sent via
the internet, such as passwords, usernames, and
credit card details, allowing servers to validate entities.

www.senati.edu.pe
 ❖ Regularly update your operating system

A key step in securing your server is ensuring that you are always running the most recent
version of your operating system. Hackers routinely expose weaknesses in software that
developers then work to shore up.

Updates are released as security patches and should be

installed immediately, ideally automatically. Failing to
keep your operating system, or any other software
running on your server, up to date, effectively leaves it
open to known vulnerabilities.

www.senati.edu.pe
 ❖ Configure the OS based on best practice guidelines

For the greatest protection, ensure that your operating system is configured according to server
security best practices. These include, but aren’t limited to:

✓Changing the default passwords on any installed third-party software

✓Setting user privileges to the minimum necessary for the individual to do their job
✓Deleting or disabling any unnecessary accounts
✓Creating stringent guidelines for passwords and ensuring all system passwords
comply

✓Disabling any unnecessary services or applications.

www.senati.edu.pe
 Server security checklist
Consider this server security checklist, so you know everything you need to do, from initial
setup to long-term maintenance.

1- Record server details

• First of all, identify and make a note of all the important details relating to
your server, such as the server identification number and the MAC address.

2- Consider physical safeguards

• Although the server is at virtual risk from adversaries, you should also
consider physical safeguards to prevent unauthorized access. Restrict
access to the server room to as few people as possible and ensure that keys
are kept secure.
3- Set up server logging
• Keep an eye on what’s happening and enable traceability by configuring
event logs. Monitor remote access logs and follow up on any suspicious
activity as well as logging account logins, system configuration changes, and
permission changes. Consider backing up logs to a separate log server.

www.senati.edu.pe
 4- Avoid patching weaknesses
• Check that the operating system and any other software or applications are
running the most up-to-date versions.

5- Restrict software
• Remove any unused or unnecessary software or operating system components.
Similarly, any unnecessary services should be disabled.

6- Monitor hardware
• Carry out regular hardware maintenance and routinely inspect your server for any
aged or damaged components that may need replacing.

7- Ensure system integrity

• Employ robust authentication methods such as two-factor authentication for all
system administrators. Remove any accounts that are no longer necessary.

8- Implement backup procedures

• Aim to automate regular server backups and routinely check that they are
operating as expected. From time to time you should test recovery images.

www.senati.edu.pe
 Great job!
www.senati.edu.pe
 Now you can identify the main issues related
to Server Security.

www.senati.edu.pe
 Conclusion

Server security covers the

processes and tools used to protect
the valuable data and assets held
on an organization’s servers, as
well as to protect the server’s
resources.

www.senati.edu.pe